Unusual Web Browser

Unusual Web Browser

Description

Triggered when either a user or device exhibits a rare browser user agent string (e.g., iexplorer.exe instead of iexplore.exe).

Content Mapping

This content is not mapped to any local saved search. Add mapping


Use Case

Advanced Threat Detection, Security Monitoring

Category

Endpoint Compromise, Unauthorized Software

Alert Volume

Medium

Data Availability

Bad

Journey

Stage 4

MITRE ATT&CK Tactics

Command and Control
Exfiltration

MITRE ATT&CK Techniques

Application Layer Protocol
Exfiltration Over C2 Channel
Commonly Used Port

MITRE Threat Groups

Lazarus Group
APT3
Kimsuky
MuddyWater
Rocke
APT32
Gamaredon Group
Stealth Falcon
Soft Cell
Frankenstein
Sandworm Team
Dragonfly 2.0
Wizard Spider
Magic Hound
Ke3chang

Data Sources

Web Proxy