Detect Activity Related To Pass The Hash Attacks

Description

This search looks for specific authentication events from the Windows Security Event logs to detect potential attempts at using the Pass-the-Hash technique.