![Back to home Valhalla Logo](/static/valhalla-logo.png)
Rule Info
Name
Remote Command Execution Via Winrs.EXE
Author
Nasreddine Bencherchali (Nextron Systems)
Description
Detects the execution of remote command via "winrs.exe" using the WinRM service.
Date
2024-05-03 00:00:00
Modified
None
Id
7f9d3496-2d37-4e75-b339-54a862348009
Tags
attack.execution
Type
Nextron Sigma feed only (private)