LoFP
/
t1567.002
t1567.002
Title
Tags
dns queries for \"ufile\" are not malicious by nature necessarily. investigate the source to determine the necessary actions to take
t1567
t1567.002
windows
sigma
legitimate dns queries and usage of mega
t1567
t1567.002
windows
sigma
legitimate rclone usage
t1567
t1567.002
windows
sigma
network admin or normal user may share files to customer and external team.
t1567
t1567.002
gsuite
splunk
rare legitimate access to anonfiles.com
t1567
t1567.002
windows
sigma
valid requests with this exact user agent to that is used by legitimate scripts or sysadmin operations
t1567
t1567.002
sigma
LoFP
/
t1567.002