S0002
Detections: 10
Sources: 1
Threat Actors: 0
BY SOURCE
sigma: 10
PROCEDURES (7)
Process Access: 2 detections
Auto-extracted: 2 detections for process access
Credential: 2 detections
Auto-extracted: 2 detections for credential
Dump: 2 detections
Auto-extracted: 2 detections for dump
Credential: 1 detection
Auto-extracted: 1 detection for credential
Mimikatz: 1 detection
Auto-extracted: 1 detection for mimikatz
Process Access: 1 detection
Auto-extracted: 1 detection for process access
Mimikatz: 1 detection
Auto-extracted: 1 detection for mimikatz
DETECTIONS (10)
Credential Dumping Attempt Via WerFault (sigma, high)
HackTool - Generic Process Access (sigma, high)
LSASS Access From Potentially White-Listed Processes (sigma, high)
LSASS Memory Access by Tool With Dump Keyword In Name (sigma, high)
Mimikatz DC Sync (sigma, high)
Mimikatz Use (sigma, high)
Potential Credential Dumping Activity Via LSASS (sigma, medium)
Potentially Suspicious GrantedAccess Flags On LSASS (sigma, medium)
Remote LSASS Process Access Through Windows Remote Management (sigma, high)
Successful Overpass the Hash Attempt (sigma, high)