Suspicious Remote Logon with Explicit Credentials (941e5c45-cda7-4864-8cea-bbb7458d194a)
Detects suspicious processes logging on with explicit credentials
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
Suspicious Remote Logon with Explicit Credentials (941e5c45-cda7-4864-8cea-bbb7458d194a) | Sigma-Rules | Valid Accounts - T1078 (b17a1a56-e99c-403c-8948-561df0cffe81) | Attack Pattern | 1 |