Potential Suspicious Change To Sensitive/Critical Files (86157017-c2b1-4d4a-8c33-93b8e67e4af4)

Detects changes to sensitive and critical files. Monitors files on a Linux system that you don't expect to change without planning. These files include, but are not limited to, system configuration files, authentication files, and critical application files. Attackers often target these files to maintain persistence, escalate privileges, or disrupt system operations.

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Stored Data Manipulation - T1565.001 (1cfcb312-b8d7-47a4-b560-4b16cc677292) | Attack Pattern | Potential Suspicious Change To Sensitive/Critical Files (86157017-c2b1-4d4a-8c33-93b8e67e4af4) | Sigma-Rules | 1 |
| Data Manipulation - T1565 (ac9e6b22-11bf-45d7-9181-c1cb08360931) | Attack Pattern | Stored Data Manipulation - T1565.001 (1cfcb312-b8d7-47a4-b560-4b16cc677292) | Attack Pattern | 2 |