
Rule Info
Name
Potential CommandLine Confusion Via Path Escape Abuse
Author
Nasreddine Bencherchali (Nextron Systems)
Description
Detects additional path escapes in the commandline, which could be a sign of obfuscation or defense evasion in order to confuse commandline logging
Date
2023-02-28 00:00:00
Modified
2023-03-16 00:00:00
Id
376e5108-02e6-4f89-98bf-8be09b97616a
Tags
attack.defense_evasion
Type
Nextron Sigma feed only (private)