Skip to content

Hide Navigation Hide TOC

Potential Persistence Via Excel Add-in - Registry (961e33d1-4f86-4fcf-80ab-930a708b2f82)

Detect potential persistence via the creation of an excel add-in (XLL) file to make it run automatically when Excel is started.

Cluster A Galaxy A Cluster B Galaxy B Level
Potential Persistence Via Excel Add-in - Registry (961e33d1-4f86-4fcf-80ab-930a708b2f82) Sigma-Rules Add-ins - T1137.006 (34f1d81d-fe88-4f97-bd3b-a3164536255d) Attack Pattern 1
Office Application Startup - T1137 (2c4d4e92-0ccf-4a97-b54c-86d662988a53) Attack Pattern Add-ins - T1137.006 (34f1d81d-fe88-4f97-bd3b-a3164536255d) Attack Pattern 2