Potentially Suspicious Execution Of Regasm/Regsvcs With Uncommon Extension (e9f8f8cc-07cc-4e81-b724-f387db9175e4)

Detects potentially suspicious execution of the Regasm/Regsvcs utilities with an uncommon extension.

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Regsvcs/Regasm - T1218.009 (c48a67ee-b657-45c1-91bf-6cdbe27205f8)	Attack Pattern	Potentially Suspicious Execution Of Regasm/Regsvcs With Uncommon Extension (e9f8f8cc-07cc-4e81-b724-f387db9175e4)	Sigma-Rules	1
System Binary Proxy Execution - T1218 (457c7820-d331-465a-915e-42f85500ccc4)	Attack Pattern	Regsvcs/Regasm - T1218.009 (c48a67ee-b657-45c1-91bf-6cdbe27205f8)	Attack Pattern	2