LoFP
/
t1039
t1039
Title
Tags
administrative scripts
t1021
t1021.002
t1039
t1048
t1055
t1059
t1059.001
t1059.005
t1137
t1218
t1543
t1543.003
windows
sigma
help desk operator doing backup or re-imaging end user machine or backup software
t1039
zeek
windows
sigma
legitimate powershell scripts that make use of these functions.
t1039
t1055
t1059
t1069
t1087
t1106
t1135
t1482
windows
elastic
users working with these data types or exchanging message files
t1039
zeek
windows
sigma
LoFP
/
t1039