Local Account
Adversaries may create a local account to maintain access to victim systems. Local accounts are those configured by an organization for use by users, remote support, services, or for administration on a single system or service. For example, with a sufficient level of access, the Windows <code>net user /add</code> command can be used to create a local account. In Linux, the `useradd` command can be used, while on macOS systems, the <code>dscl -create</code> command can be used. Local accounts...
BY SOURCE
PROCEDURES (24)
Auto-extracted: 4 detections for persist
Auto-extracted: 4 detections for persist
Auto-extracted: 3 detections for general monitoring
Auto-extracted: 3 detections for privilege
Auto-extracted: 3 detections for process creation monitoring
Auto-extracted: 3 detections for privilege
Auto-extracted: 2 detections for suspicious
Auto-extracted: 2 detections for remote
Auto-extracted: 2 detections for registry monitoring
Auto-extracted: 2 detections for cloud
Auto-extracted: 1 detections for cloud
Auto-extracted: 1 detections for network connection monitoring
Auto-extracted: 1 detections for service
Auto-extracted: 1 detections for remote
Auto-extracted: 1 detections for remote
Auto-extracted: 1 detections for service
Auto-extracted: 1 detections for powershell
Auto-extracted: 1 detections for privilege
Auto-extracted: 1 detections for suspicious
Auto-extracted: 1 detections for privilege
Auto-extracted: 1 detections for bypass
Auto-extracted: 1 detections for bypass
Auto-extracted: 1 detections for powershell
Auto-extracted: 1 detections for bypass