EXPLORE

← Back to Explore

T1204.001

Malicious Link

An adversary may rely upon a user clicking a malicious link in order to gain execution. Users may be subjected to social engineering to get them to click on a link that will lead to code execution. This user action will typically be observed as follow-on behavior from [Spearphishing Link](https://attack.mitre.org/techniques/T1566/002). Clicking on a link may also lead to other execution techniques such as exploitation of a browser or application vulnerability via [Exploitation for Client Executi...

LinuxmacOSWindows

9

Detections

4

Sources

47

Threat Actors

BY SOURCE

4sigma2elastic2splunk_escu1crowdstrike_cql

PROCEDURES (9)

Email1 detections

Auto-extracted: 1 detections for email

Download1 detections

Auto-extracted: 1 detections for download

Email1 detections

Auto-extracted: 1 detections for email

Http1 detections

Auto-extracted: 1 detections for http

Powershell1 detections

Auto-extracted: 1 detections for powershell

Unusual1 detections

Auto-extracted: 1 detections for unusual

Suspicious1 detections

Auto-extracted: 1 detections for suspicious

Exfiltrat1 detections

Auto-extracted: 1 detections for exfiltrat

Remote1 detections

Auto-extracted: 1 detections for remote

DETECTIONS (9)

Google Workspace Object Copied to External Drive with App Consent

LeakNet Campaign: Deno Runtime & Klist Suspicious Execution Detection

crowdstrike_cql

Network Traffic to Rare Destination Country

Potential ClickFix Execution Pattern - Registry

Suspicious ClickFix/FileFix Execution Pattern

Suspicious Execution via macOS Script Editor

Symlink Etc Passwd

Windows ISO LNK File Creation

Windows PowerShell FakeCAPTCHA Clipboard Execution