Windows Suspect Process With Authentication Traffic
Account Discovery, Domain Account, User Execution, Malicious File
Account Discovery, Domain Account, User Execution, Malicious File
Remote Services, SMB/Windows Admin Shares, Distributed Component Object Model, Windows Management Instrumentation, Windows Service
Service Stop
Disk Structure Wipe, Disk Wipe
Security Account Manager, OS Credential Dumping