4ensiX

I noticed that for the one I said was a false positive (FP), I selected FP, but the display shows it as a true positive (TP).

List of articles for 1 day starting 2022-02-11

LetsDefend level 1 alert SOC113 - Suspicious hh.exe Usage event-id 44

Details playbook Define Threat Indicator Check if the malware is quarantined/cleaned Endpoint - BillPRD CMD History Analyze Malware WinRAR.chm Add Artifacts End Details EventID: 44 Event Time: Jan. 31, 2021, 4:59 p.m. Rule: SOC113 - Suspic…

LetsDefend level 1 alert SOC116 - DNS Hijacking Detected event-id 49

Details playbook Define Threat Indicator Check if the malware is quarantined/cleaned Analyze Malware Endpoint - WilsonPRD Browser History CMD History Network Connections update.py Check If Someone Requested the C2 Log search - 49.233.160.2…