Detect Path Interception By Creation Of Program Exe

Description

The detection Detect Path Interception By Creation Of program exe is detecting the abuse of unquoted service paths, which is a popular technique for privilege escalation.

Content Mapping

This content is not mapped to any local saved search. Add mapping


Use Case

Security Monitoring

Category

Adversary Tactics

Alert Volume

The detection Detect Path Interception By Creation Of program exe is detecting the abuse of unquoted service paths, which is a popular technique for privilege escalation.

SPL Difficulty

None

Journey

Stage 3

MITRE ATT&CK Tactics

Persistence
Privilege Escalation
Defense Evasion

MITRE ATT&CK Techniques

Hijack Execution Flow

Path Interception by Unquoted Path

Data Sources

Endpoint Detection and Response

   Search

Open in Search