2024-01-12 16:08:06 +00:00
{
"authors" : [
"MITRE"
] ,
"category" : "data-component" ,
"description" : "Data components are parts of data sources. " ,
"name" : "mitre-data-component" ,
"source" : "https://github.com/mitre/cti" ,
"type" : "mitre-data-component" ,
2024-01-12 16:48:53 +00:00
"uuid" : "d2c1cf9e-c581-4a70-b1c5-12e6de3f0e83" ,
2024-01-12 16:08:06 +00:00
"values" : [
{
"description" : "Opening of an active directory object, typically to collect/read its value (ex: Windows EID 4661)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "03d7999c-1f4c-42cc-8373-e7690d318104" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1b20efbf-8063-4fc3-a07d-b575318a301b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5c6de881-bc70-4070-855a-7a9631a407f7" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "f303a39a-6255-4b89-aecc-18c4d8ca7163" ,
"type" : "detects"
}
] ,
"uuid" : "5c6de881-bc70-4070-855a-7a9631a407f7" ,
"value" : "Active Directory Object Access"
} ,
{
"description" : "Initial construction of a new active directory object (ex: Windows EID 5137)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "18b236d8-7224-488f-9d2f-50076a0f653a" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "24769ab5-14bd-4f4e-a752-cfb185da53ee" ,
"type" : "detects"
} ,
{
"dest-uuid" : "564998d8-ab3e-4123-93fb-eccaa6b9714a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5d2be8b9-d24c-4e98-83bf-2f5f79477163" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7decb26c-715c-40cf-b7e0-026f7d7cc215" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "8a2f40cf-8325-47f9-96e4-b1ca4c7389bd" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "ebb42bbe-62d7-47d7-a55f-3b08b61d792d" ,
"type" : "detects"
}
] ,
"uuid" : "18b236d8-7224-488f-9d2f-50076a0f653a" ,
"value" : "Active Directory Object Creation"
} ,
{
"description" : "A user requested active directory credentials, such as a ticket or token (ex: Windows EID 4769)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "02d090b6-8157-48da-98a2-517f7edd49fc" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "3986e7fd-a8e9-4ecb-bfc6-55920855912b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3fc01293-ef5e-41c6-86ce-61f10706b64a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "51a14c76-dd3b-440b-9c20-2bf91d25a814" ,
"type" : "detects"
} ,
{
"dest-uuid" : "768dce68-8d0d-477a-b01d-0eea98b963a1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7b211ac6-c815-4189-93a9-ab415deca926" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7de1f7ac-5d0c-4c9c-8873-627202205331" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e624264c-033a-424d-9fd7-fc9c3bbdb03e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f2877f7f-9a4c-4251-879f-1224e3006bee" ,
"type" : "detects"
}
] ,
"uuid" : "02d090b6-8157-48da-98a2-517f7edd49fc" ,
"value" : "Active Directory Credential Request"
} ,
{
"description" : "Removal of an active directory object (ex: Windows EID 5141)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "5d2be8b9-d24c-4e98-83bf-2f5f79477163" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9085a576-636a-455b-91d2-c2921bbe6d1d" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "ebb42bbe-62d7-47d7-a55f-3b08b61d792d" ,
"type" : "detects"
}
] ,
"uuid" : "9085a576-636a-455b-91d2-c2921bbe6d1d" ,
"value" : "Active Directory Object Deletion"
} ,
{
"description" : "Changes made to an active directory object (ex: Windows EID 5163 or 5136)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "03259939-0b57-482f-8eb5-87c0e0d54334" ,
"type" : "detects"
} ,
{
"dest-uuid" : "24769ab5-14bd-4f4e-a752-cfb185da53ee" ,
"type" : "detects"
} ,
{
"dest-uuid" : "34e793de-0274-4982-9c1a-246ed1c19dee" ,
"type" : "detects"
} ,
{
"dest-uuid" : "564998d8-ab3e-4123-93fb-eccaa6b9714a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5b8b466b-2c81-4fe7-946f-d677a74ae3db" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "5d2be8b9-d24c-4e98-83bf-2f5f79477163" ,
"type" : "detects"
} ,
{
"dest-uuid" : "65917ae0-b854-4139-83fe-bf2441cf0196" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7de1f7ac-5d0c-4c9c-8873-627202205331" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "890c9858-598c-401d-a4d5-c67ebcdd703a" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "8a2f40cf-8325-47f9-96e4-b1ca4c7389bd" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "a10641f4-87b4-45a3-a906-92a149cb2c27" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b24e2a20-3b3d-4bf0-823b-1ed765398fb0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b4409cd8-0da9-46e1-a401-a241afd4d1cc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b7dc639b-24cd-482d-a7f1-8897eda21023" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c63a348e-ffc2-486a-b9d9-d7f11ec54d99" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "ceaeb6d8-95ee-4da2-9d42-dc6aa6ca43ae" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "d50955c2-272d-4ac8-95da-10c29dda1c48" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dcaa092b-7de9-4a21-977f-7fcb77e89c48" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ebb42bbe-62d7-47d7-a55f-3b08b61d792d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f4c1826f-a322-41cd-9557-562100848c84" ,
"type" : "detects"
}
] ,
"uuid" : "5b8b466b-2c81-4fe7-946f-d677a74ae3db" ,
"value" : "Active Directory Object Modification"
} ,
{
"description" : "Opening a Registry Key, typically to read the associated value (ex: Windows EID 4656)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "03d7999c-1f4c-42cc-8373-e7690d318104" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1644e709-12d2-41e5-a60f-3470991f5011" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1ecfdab8-7d59-4c98-95d4-dc41970f57fc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "215d9700-5881-48b8-8265-6449dbb7195d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "341e222a-a6e3-4f6f-b69c-831d792b1580" ,
"type" : "detects"
} ,
{
"dest-uuid" : "435dfb86-2697-4867-85b5-2fef496c0517" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7de1f7ac-5d0c-4c9c-8873-627202205331" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c1b68a96-3c48-49ea-a6c0-9b27359f9c19" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c32f7008-9fea-41f7-8366-5eb9b74bd896" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ed0dd8aa-1677-4551-bb7d-8da767617e1b" ,
"type" : "included-in"
}
] ,
"uuid" : "ed0dd8aa-1677-4551-bb7d-8da767617e1b" ,
"value" : "Windows Registry Key Access"
} ,
{
"description" : "Initial construction of a new Registry Key (ex: Windows EID 4656 or Sysmon EID 12)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "005a06c6-14bf-4118-afa0-ebcd8aebb0c9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "02c5abff-30bf-4703-ab92-1f6072fae939" ,
"type" : "detects"
} ,
{
"dest-uuid" : "03259939-0b57-482f-8eb5-87c0e0d54334" ,
"type" : "detects"
} ,
{
"dest-uuid" : "106c0cf6-bf73-4601-9aa8-0945c2715ec5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1ecb2399-e8ba-4f6b-8ba7-5c27d49405cf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "22522668-ddf6-470b-a027-9d6866679f67" ,
"type" : "detects"
} ,
{
"dest-uuid" : "28170e17-8384-415c-8486-2e6b294cb803" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2959d63f-73fd-46a1-abd2-109d7dcede32" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2c4d4e92-0ccf-4a97-b54c-86d662988a53" ,
"type" : "detects"
} ,
{
"dest-uuid" : "34f1d81d-fe88-4f97-bd3b-a3164536255d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "389735f1-f21c-4208-b8f0-f8031e7169b8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4eb28bed-d11a-4641-9863-c2ac017d910a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "57340c81-c025-4189-8fa0-fc7ede51bae4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "79a47ad0-fc3b-4821-9f01-a026b1ddba21" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7f70fae7-a68d-4730-a83a-f260b9606129" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "90c4a591-d02d-490b-92aa-619d9701ac04" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9efb1ea7-c37b-4595-9640-b7680cd84279" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b3d682b6-98f2-4fb0-aa3b-b4df007ca70a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b83e166d-13d7-4b52-8677-dff90c548fd7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c615231b-f253-4f58-9d47-d5b4cbdb6839" ,
"type" : "detects"
} ,
{
"dest-uuid" : "eb125d40-0b2d-41ac-a71a-3229241c2cd3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ed7efd4d-ce28-4a19-a8e6-c58011eb2c7a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f4c1826f-a322-41cd-9557-562100848c84" ,
"type" : "detects"
}
] ,
"uuid" : "7f70fae7-a68d-4730-a83a-f260b9606129" ,
"value" : "Windows Registry Key Creation"
} ,
{
"description" : "Removal of a Registry Key (ex: Windows EID 4658 or Sysmon EID 12)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "1177a4c5-31c8-400c-8544-9071166afa0e" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "3d333250-30e4-4a82-9edc-756c68afc529" ,
"type" : "detects"
} ,
{
"dest-uuid" : "57340c81-c025-4189-8fa0-fc7ede51bae4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "799ace7f-e227-4411-baa0-8868704f2a69" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ac08589e-ee59-4935-8667-d845e38fe579" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d2c4e5ea-dbdf-4113-805a-b1e2a337fb33" ,
"type" : "detects"
}
] ,
"uuid" : "1177a4c5-31c8-400c-8544-9071166afa0e" ,
"value" : "Windows Registry Key Deletion"
} ,
{
"description" : "Changes made to a Registry Key and/or Key value (ex: Windows EID 4657 or Sysmon EID 13|14)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "035bb001-ab69-4a0b-9f6c-2de8b09e1b9d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "09a60ea3-a8d1-4ae5-976e-5783248b72a4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0c2d00da-7742-49e7-9928-4514e5075d32" ,
"type" : "detects"
} ,
{
"dest-uuid" : "106c0cf6-bf73-4601-9aa8-0945c2715ec5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "120d5519-3098-4e1c-9191-2aa61232f073" ,
"type" : "detects"
} ,
{
"dest-uuid" : "17cc750b-e95b-4d7d-9dde-49e0de24148c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1c34f7aa-9341-4a48-bfab-af22e51aca6c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1ecb2399-e8ba-4f6b-8ba7-5c27d49405cf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "20fb2507-d71c-455d-9b6d-6104461cf26b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "22522668-ddf6-470b-a027-9d6866679f67" ,
"type" : "detects"
} ,
{
"dest-uuid" : "22905430-4901-4c2a-84f6-98243cb173f8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "28170e17-8384-415c-8486-2e6b294cb803" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2959d63f-73fd-46a1-abd2-109d7dcede32" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2c4d4e92-0ccf-4a97-b54c-86d662988a53" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2de47683-f398-448f-b947-9abcc3e32fad" ,
"type" : "detects"
} ,
{
"dest-uuid" : "34f1d81d-fe88-4f97-bd3b-a3164536255d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3731fbcd-0e43-47ae-ae6c-d15e510f0d42" ,
"type" : "detects"
} ,
{
"dest-uuid" : "379809f6-2fac-42c1-bd2e-e9dee70b27f8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3975dbb5-0e1e-4f5b-bae1-cf2ab84b46dc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3d333250-30e4-4a82-9edc-756c68afc529" ,
"type" : "detects"
} ,
{
"dest-uuid" : "42fe883a-21ea-4cfb-b94a-78b6476dcc83" ,
"type" : "detects"
} ,
{
"dest-uuid" : "43881e51-ac74-445b-b4c6-f9f9e9bf23fe" ,
"type" : "detects"
} ,
{
"dest-uuid" : "457c7820-d331-465a-915e-42f85500ccc4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4eb28bed-d11a-4641-9863-c2ac017d910a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4ff5d6a8-c062-4c68-a778-36fc5edd564f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5095a853-299c-4876-abd7-ac0050fb5462" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5372c5fe-f424-4def-bcd5-d3a8e770f07b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "543fceb5-cb92-40cb-aacf-6913d4db58bc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "565275d5-fcc3-4b66-b4e7-928e4cac6b8c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "57340c81-c025-4189-8fa0-fc7ede51bae4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "61afc315-860c-4364-825d-0d62b2e91edc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "650c784b-7504-4df7-ab2c-4ea882384d1e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "65f2d882-3f41-4d48-8a06-29af77ec9f90" ,
"type" : "detects"
} ,
{
"dest-uuid" : "67720091-eee3-4d2d-ae16-8264567f6f5b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6836813e-8ec8-4375-b459-abb388cb1a35" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6d4a7fb3-5a24-42be-ae61-6728a2b581f6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "70e52b04-2a0c-4cea-9d18-7149f1df9dc5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "74d2a63f-3c7b-4852-92da-02d8fbab16da" ,
"type" : "detects"
} ,
{
"dest-uuid" : "799ace7f-e227-4411-baa0-8868704f2a69" ,
"type" : "detects"
} ,
{
"dest-uuid" : "79a47ad0-fc3b-4821-9f01-a026b1ddba21" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7d57b371-10c2-45e5-b3cc-83a8fb380e4c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7dd95ff6-712e-4056-9626-312ea4ab4c5e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8c4aef43-48d5-49aa-b2af-c0cd58d30c3d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "90c4a591-d02d-490b-92aa-619d9701ac04" ,
"type" : "detects"
} ,
{
"dest-uuid" : "98034fef-d9fb-4667-8dc4-2eab6231724c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9efb1ea7-c37b-4595-9640-b7680cd84279" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ac08589e-ee59-4935-8667-d845e38fe579" ,
"type" : "detects"
} ,
{
"dest-uuid" : "aedfca76-3b30-4866-b2aa-0f1d7fd1e4b6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b5327dd1-6bf9-4785-a199-25bcbd1f4a9d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b6301b64-ef57-4cce-bb0b-77026f14a8db" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b83e166d-13d7-4b52-8677-dff90c548fd7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b8cfed42-6a8a-4989-ad72-541af74475ec" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bb5a00de-e086-4859-a231-fa793f6797e2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bc0f5e80-91c0-4e04-9fbb-e4e332c85dae" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c615231b-f253-4f58-9d47-d5b4cbdb6839" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cc89ecbd-3d33-4a41-bcca-001e702d18fd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ce4b7013-640e-48a9-b501-d0025a95f4bf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d157f9d2-d09a-4efa-bb2a-64963f94e253" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d2c4e5ea-dbdf-4113-805a-b1e2a337fb33" ,
"type" : "detects"
} ,
{
"dest-uuid" : "da85d358-741a-410d-9433-20d6269a6170" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "dd43c543-bb85-4a6f-aa6e-160d90d06a49" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dfebc3b7-d19d-450b-81c7-6dafe4184c04" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ed7efd4d-ce28-4a19-a8e6-c58011eb2c7a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f1951e8a-500e-4a26-8803-76d95c4554b4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f4c1826f-a322-41cd-9557-562100848c84" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f5d8eed6-48a9-4cdf-a3d7-d1ffa99c3d2a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f63fe421-b1d1-45c0-b8a7-02cd16ff2bed" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ffeb0780-356e-4261-b036-cfb6bd234335" ,
"type" : "detects"
}
] ,
"uuid" : "da85d358-741a-410d-9433-20d6269a6170" ,
"value" : "Windows Registry Key Modification"
} ,
{
"description" : "An attempt by a user to gain access to a network or computing resource, often by providing credentials (ex: Windows EID 4776 or /var/log/auth.log)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "09c4c11e-4fa1-4f8c-8dad-3cf8e69ad119" ,
"type" : "detects"
} ,
{
"dest-uuid" : "19bf235b-8620-4997-b5b4-94e0659ed7c3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1d24cdee-9ea2-4189-b08e-af110bf2435d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1f9c2bae-b441-4f66-a8af-b65946ee72f2" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "30208d3e-0d6b-43c8-883e-44462a514619" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "3aef9463-9a7a-43ba-8957-a867e07c1e6a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "435dfb86-2697-4867-85b5-2fef496c0517" ,
"type" : "detects"
} ,
{
"dest-uuid" : "51a14c76-dd3b-440b-9c20-2bf91d25a814" ,
"type" : "detects"
} ,
{
"dest-uuid" : "564998d8-ab3e-4123-93fb-eccaa6b9714a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6151cbea-819b-455a-9fa6-99a1cc58797d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "692074ae-bb62-4a5e-a735-02cb6bde458c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "799ace7f-e227-4411-baa0-8868704f2a69" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7b211ac6-c815-4189-93a9-ab415deca926" ,
"type" : "detects"
} ,
{
"dest-uuid" : "954a1639-f2d6-407d-aef3-4917622ca493" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9c306d8d-cde7-4b4c-b6e8-d0bb16caca36" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a750a9f6-0bde-4bb3-9aae-1e2786e9780c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a93494bb-4b80-4ea1-8695-3236a49916fd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a953ca55-921a-44f7-9b8d-3d40141aa17e" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "b17a1a56-e99c-403c-8948-561df0cffe81" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b2d03cea-aec1-45ca-9744-9ee583c1e1cc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b4409cd8-0da9-46e1-a401-a241afd4d1cc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c3d4bdd9-2cfe-4a80-9d0c-07a29ecdce8f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e49920b0-6c54-40c1-9571-73723653205f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e624264c-033a-424d-9fd7-fc9c3bbdb03e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f232fa7a-025c-4d43-abc7-318e81a73d65" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f4c1826f-a322-41cd-9557-562100848c84" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f8ef3a62-3f44-40a4-abca-761ab235c436" ,
"type" : "detects"
} ,
{
"dest-uuid" : "fdc47f44-dd32-4b99-af5f-209f556f63c2" ,
"type" : "detects"
}
] ,
"uuid" : "a953ca55-921a-44f7-9b8d-3d40141aa17e" ,
"value" : "User Account Authentication"
} ,
{
"description" : "Logging, messaging, and other artifacts provided by third-party services (ex: metrics, errors, and/or alerts from mail/web applications)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "035bb001-ab69-4a0b-9f6c-2de8b09e1b9d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "09c4c11e-4fa1-4f8c-8dad-3cf8e69ad119" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0c4b4fda-9062-47da-98b9-ceae2dcf052a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0cf55441-b176-4332-89e7-2c4c7799d0ff" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0cfe31a7-81fc-472c-bc45-e2808d1066a3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "10d51417-ee35-4589-b1ff-b6df1c334e8d" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "130d4494-b2d6-4040-bcea-6e59f05222fe" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "15dbf668-795c-41e6-8219-f0447c0e64ce" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1608f3e1-598a-42f4-a01a-2e252e81728f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "16cdd21f-da65-4e4f-bc04-dd7d198c7b26" ,
"type" : "detects"
} ,
{
"dest-uuid" : "16e94db9-b5b1-4cd0-b851-f38fbd0a70f2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "18cffc21-3260-437e-80e4-4ab8bf2ba5e9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1d24cdee-9ea2-4189-b08e-af110bf2435d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "22905430-4901-4c2a-84f6-98243cb173f8" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "24769ab5-14bd-4f4e-a752-cfb185da53ee" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "2b742742-28c3-4e1b-bab7-8350d6300fa7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2bee5ffb-7a7a-4119-b1f2-158151b19ac0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2c4d4e92-0ccf-4a97-b54c-86d662988a53" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2d3f5b3c-54ca-4f4d-bb1f-849346d31230" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2e34237d-8574-43f6-aace-ae2915de8597" ,
"type" : "detects"
} ,
{
"dest-uuid" : "35187df2-31ed-43b6-a1f5-2f1d3d58d3f1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "38eb0c22-6caf-46ce-8869-5964bd735858" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3d1b9d7e-3921-4d25-845a-7d9f15c0da44" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3f886f2a-874f-4333-b794-aa6075009b1c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "40597f16-0963-4249-bf4c-ac93b7fb9807" ,
"type" : "detects"
} ,
{
"dest-uuid" : "435dfb86-2697-4867-85b5-2fef496c0517" ,
"type" : "detects"
} ,
{
"dest-uuid" : "438c967d-3996-4870-bfc2-3954752a1927" ,
"type" : "detects"
} ,
{
"dest-uuid" : "43f2776f-b4bd-4118-94b8-fee47e69676d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4eb28bed-d11a-4641-9863-c2ac017d910a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "51a14c76-dd3b-440b-9c20-2bf91d25a814" ,
"type" : "detects"
} ,
{
"dest-uuid" : "54ca26f3-c172-4231-93e5-ccebcac2161f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "56e0d8b8-3e25-49dd-9050-3aa252f5aa92" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5909f20f-3c39-4795-be06-ef1ea40d350b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "59ff91cd-1430-4075-8563-e6f15f4f9ff5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5d0d3609-d06d-49e1-b9c9-b544e0c618cb" ,
"type" : "detects"
} ,
{
"dest-uuid" : "692074ae-bb62-4a5e-a735-02cb6bde458c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6a5d222a-a7e0-4656-b110-782c33098289" ,
"type" : "detects"
} ,
{
"dest-uuid" : "799ace7f-e227-4411-baa0-8868704f2a69" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7ad38ef1-381a-406d-872a-38b136eb5ecc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7d77a07d-02fe-4e88-8bd9-e9c008c01bf0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7de1f7ac-5d0c-4c9c-8873-627202205331" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7decb26c-715c-40cf-b7e0-026f7d7cc215" ,
"type" : "detects"
} ,
{
"dest-uuid" : "851e071f-208d-4c79-adc6-5974c85c78f3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8982a661-d84c-48c0-b4ec-1db29c6cf3bc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8c32eb4d-805f-4fc5-bf60-c4d476c131b5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8c41090b-aa47-4331-986b-8c9a51a91103" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "924d273c-be0d-4d8d-af58-2dddb15ef1e2" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "92a78814-b191-47ca-909c-1ccfe3777414" ,
"type" : "detects"
} ,
{
"dest-uuid" : "954a1639-f2d6-407d-aef3-4917622ca493" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9664ad0e-789e-40ac-82e2-d7b17fbe8fb3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9c2fa0ae-7abc-485a-97f6-699e3b6cf9fa" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "9c306d8d-cde7-4b4c-b6e8-d0bb16caca36" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9db0cf3a-a3c9-4012-8268-123b9db6fd82" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9e7452df-5144-4b6e-b04a-b66dd4016747" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9fa07bef-9c81-421e-a8e5-ad4366c5a925" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a19e86f8-1c0a-4fea-8407-23b73d615776" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a62a8db3-f23a-4d8f-afd6-9dbc77e7813b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a93494bb-4b80-4ea1-8695-3236a49916fd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a9e2cea0-c805-4bf8-9e31-f5f0513a3634" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b0533c6e-8fea-4788-874f-b799cacc4b92" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b0c74ef9-c61e-4986-88cb-78da98a355ec" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b2d03cea-aec1-45ca-9744-9ee583c1e1cc" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "b3d682b6-98f2-4fb0-aa3b-b4df007ca70a" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "b4409cd8-0da9-46e1-a401-a241afd4d1cc" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "b4694861-542c-48ea-9eb1-10d356e7140a" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "b577dfc1-0177-4522-8d5a-782127c8592b" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "bb5e59c4-abe7-40c7-8196-e373cb1e5974" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "bbfbb096-6561-4d7d-aa2c-a5ee8e44c696" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "be2dcee9-a7a7-4e38-afd6-21b31ecc3d63" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bf147104-abf9-4221-95d1-e81585859441" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c3c8c916-2f3c-4e71-94b2-240bdfc996f0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c675646d-e204-4aa8-978d-e3d6d65885c4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c9e0c59e-162e-40a4-b8b1-78fab4329ada" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cca0ccb6-a068-4574-a722-b1556f86833a" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "cd25c1b4-935c-4f0e-ba8d-552f28bc4783" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "cff94884-3b1c-4987-a70b-6d5643c621c3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d28ef391-8ed4-45dc-bc4a-2f43abf54416" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d40239b3-05ff-46d8-9bdd-b46d13463ef9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d456de47-a16f-4e46-8980-e67478a12dcb" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "d4bdbdea-eaec-4071-b4f9-5105e12ea4b6" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "d742a578-d70e-4d0e-96a6-02a9c30204e6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e4dc8c01-417f-458d-9ee0-bb0617c1b391" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e74de37c-a829-446c-937d-56a44f0e9306" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e848506b-8484-4410-8017-3d235a52f5b3" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "ebb42bbe-62d7-47d7-a55f-3b08b61d792d" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "f4c1826f-a322-41cd-9557-562100848c84" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f6ad61ee-65f3-4bd0-a3f5-2f0accb36317" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f870408c-b1cd-49c7-a5c7-0ef0fc496cc6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f9e9365a-9ca2-4d9c-8e7c-050d73d1101a" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "fb75213f-cfb0-40bf-a02f-3bad93d6601e" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "fe926152-f431-4baf-956c-4ad3cb0bf23b" ,
"type" : "detects"
}
] ,
"uuid" : "9c2fa0ae-7abc-485a-97f6-699e3b6cf9fa" ,
"value" : "Application Log Content"
} ,
{
"description" : "Opening of a cloud storage infrastructure, typically to collect/read its value (ex: AWS S3 GetObject)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "3298ce88-1628-43b1-87d9-0b5336b193d7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "58ef998c-f3bf-4985-b487-b1005f5c05d1" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "8565825b-21c8-4518-b75e-cbc4c717a156" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a19e86f8-1c0a-4fea-8407-23b73d615776" ,
"type" : "detects"
}
] ,
"uuid" : "58ef998c-f3bf-4985-b487-b1005f5c05d1" ,
"value" : "Cloud Storage Access"
} ,
{
"description" : "Initial construction of a new account (ex: Windows EID 4720 or /etc/passwd logs)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "22905430-4901-4c2a-84f6-98243cb173f8" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "42e8de7b-37b2-4258-905a-6897815e58e0" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "635cbe30-392d-4e27-978e-66774357c762" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7610cada-1499-41a4-b3dd-46467b68d177" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8c4aef43-48d5-49aa-b2af-c0cd58d30c3d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a009cb25-4801-4116-9105-80a91cf15c1b" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "d349c66e-18e1-4d8b-a2d7-65af7cbd2ba0" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "deb22295-7e37-4a3b-ac6f-c86666fbe63d" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "e01be9c5-e763-4caf-aeb7-000b416aef67" ,
"type" : "detects"
}
] ,
"uuid" : "deb22295-7e37-4a3b-ac6f-c86666fbe63d" ,
"value" : "User Account Creation"
} ,
{
"description" : "Removal of an account (ex: Windows EID 4726 or /var/log access/authentication logs)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "799ace7f-e227-4411-baa0-8868704f2a69" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b24e2a20-3b3d-4bf0-823b-1ed765398fb0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d2c4e5ea-dbdf-4113-805a-b1e2a337fb33" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d6257b8e-869c-41c0-8731-fdca40858a91" ,
"type" : "included-in"
}
] ,
"uuid" : "d6257b8e-869c-41c0-8731-fdca40858a91" ,
"value" : "User Account Deletion"
} ,
{
"description" : "Operating system function/method calls executed by a process" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "0042a9f5-f053-4769-b3ef-9ad018dfa298" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0259baeb-9f63-4c69-bf10-eb038c390688" ,
"type" : "detects"
} ,
{
"dest-uuid" : "03d7999c-1f4c-42cc-8373-e7690d318104" ,
"type" : "detects"
} ,
{
"dest-uuid" : "09a60ea3-a8d1-4ae5-976e-5783248b72a4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0a5231ec-41af-4a35-83d0-6bdf11f28c65" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1035cdf2-3e5f-446f-a7a7-e8f6d7925967" ,
"type" : "detects"
} ,
{
"dest-uuid" : "106c0cf6-bf73-4601-9aa8-0945c2715ec5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1eaebf46-e361-4437-bc23-d5d65a3b92e3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1ecb2399-e8ba-4f6b-8ba7-5c27d49405cf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "20fb2507-d71c-455d-9b6d-6104461cf26b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "215d9700-5881-48b8-8265-6449dbb7195d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "21875073-b0ee-49e3-9077-1e2a885359af" ,
"type" : "detects"
} ,
{
"dest-uuid" : "22905430-4901-4c2a-84f6-98243cb173f8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "25659dd6-ea12-45c4-97e6-381e3e4b593e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2959d63f-73fd-46a1-abd2-109d7dcede32" ,
"type" : "detects"
} ,
{
"dest-uuid" : "29be378d-262d-4e99-b00d-852d573628e6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2aed01ad-3df3-4410-a8cb-11ea4ded587c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2de47683-f398-448f-b947-9abcc3e32fad" ,
"type" : "detects"
} ,
{
"dest-uuid" : "30973a08-aed9-4edf-8604-9084ce1b5c4f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "315f51f0-6b03-4c1e-bfb2-84740afb8e21" ,
"type" : "detects"
} ,
{
"dest-uuid" : "322bad5a-1c49-4d23-ab79-76d641794afa" ,
"type" : "detects"
} ,
{
"dest-uuid" : "32ad5c86-2bcf-47d8-8fdc-d7f3d79a7490" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3489cfc5-640f-4bb3-a103-9137b97de79f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "348f1eef-964b-4eb6-bb53-69b3dcb0c643" ,
"type" : "detects"
} ,
{
"dest-uuid" : "34a80bc4-80f2-46e6-94ff-f3265a4b657c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "354a7f88-63fb-41b5-a801-ce3b377b36f1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "37b11151-1776-4f8f-b328-30939fbf2ceb" ,
"type" : "detects"
} ,
{
"dest-uuid" : "391d824f-0ef1-47a0-b0ee-c59a75e27670" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3c4a2599-71ee-4405-ba1e-0e28414b4bc5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3d333250-30e4-4a82-9edc-756c68afc529" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3fc9b85a-2862-4363-a64d-d692e3ffbee0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "41d9846c-f6af-4302-a654-24bba2729bc6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "42e8de7b-37b2-4258-905a-6897815e58e0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "43881e51-ac74-445b-b4c6-f9f9e9bf23fe" ,
"type" : "detects"
} ,
{
"dest-uuid" : "43e7dc91-05b2-474c-b9ac-2ed4fe101f4d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "457c7820-d331-465a-915e-42f85500ccc4" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "47f2d673-ca62-47e9-929b-1b0be9657611" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "4933e63b-9b77-476e-ab29-761bc5b7d15a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "494ab9f0-36e0-4b06-b10d-57285b040a06" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "49fca0d2-685d-41eb-8bd4-05451cc3a742" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "4a5b7ade-8bb5-4853-84ed-23f262002665" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4ae4f953-fe58-4cc8-a327-33257e30a830" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4bed873f-0b7d-41d4-b93a-b6905d1f90b0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4ff5d6a8-c062-4c68-a778-36fc5edd564f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "562e9b64-7239-493d-80f4-2bff900d9054" ,
"type" : "detects"
} ,
{
"dest-uuid" : "57340c81-c025-4189-8fa0-fc7ede51bae4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "58a3e6aa-4453-4cc8-a51f-4befe80b31a8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6495ae23-3ab4-43c5-a94f-5638a2c31fd2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "65f2d882-3f41-4d48-8a06-29af77ec9f90" ,
"type" : "detects"
} ,
{
"dest-uuid" : "67720091-eee3-4d2d-ae16-8264567f6f5b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "677569f9-a8b0-459e-ab24-7f18091fa7bf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6faf650d-bf31-4eb4-802d-1000cf38efaf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7007935a-a8a7-4c0b-bd98-4e85be8ed197" ,
"type" : "detects"
} ,
{
"dest-uuid" : "707399d6-ab3e-4963-9315-d9d3818cd6a0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "767dbf9e-df3f-45cb-8998-4903ab5f80c0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "791481f8-e96a-41be-b089-a088763083d4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "799ace7f-e227-4411-baa0-8868704f2a69" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7bc57495-ea59-4380-be31-a64af124ef18" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7c0f17c9-1af6-4628-9cbd-9e45482dd605" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7d57b371-10c2-45e5-b3cc-83a8fb380e4c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7e150503-88e7-4861-866b-ff1ac82c4475" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7f0ca133-88c4-40c6-a62f-b3083a7fbc2e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "806a49c4-970d-43f9-9acc-ac0ee11e6662" ,
"type" : "detects"
} ,
{
"dest-uuid" : "82caa33e-d11a-433a-94ea-9b5a5fbef81d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "86850eff-2729-40c3-b85e-c4af26da4a2d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8cdeb020-e31e-4f88-a582-f53dcfbda819" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8f4a33ec-8b1f-4b80-a2f6-642b2e479580" ,
"type" : "detects"
} ,
{
"dest-uuid" : "90c4a591-d02d-490b-92aa-619d9701ac04" ,
"type" : "detects"
} ,
{
"dest-uuid" : "91541e7e-b969-40c6-bbd8-1b5352ec2938" ,
"type" : "detects"
} ,
{
"dest-uuid" : "93591901-3172-4e94-abf8-6034ab26f44a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "98be40f2-c86b-4ade-b6fc-4964932040e5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9bde2f9d-a695-4344-bfac-f2dce13d121e" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "a01bf75f-00b2-4568-a58f-565ff9bf202b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a4657bc9-d22f-47d2-a7b7-dd6ec33f3dde" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ac9e6b22-11bf-45d7-9181-c1cb08360931" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b200542e-e877-4395-875b-cf1a44537ca4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b3d682b6-98f2-4fb0-aa3b-b4df007ca70a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b7dc639b-24cd-482d-a7f1-8897eda21023" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b84903f0-c7d5-435d-a69e-de47cc3578c0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bb5a00de-e086-4859-a231-fa793f6797e2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c1b68a96-3c48-49ea-a6c0-9b27359f9c19" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c32f7008-9fea-41f7-8366-5eb9b74bd896" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c877e33f-1df6-40d6-b1e7-ce70f16f4979" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cba37adb-d6fb-4610-b069-dd04c0643384" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cc89ecbd-3d33-4a41-bcca-001e702d18fd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d0613359-5781-4fd2-b5be-c269270be1f6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d336b553-5da9-46ca-98a8-0b23f49fb447" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d4b96d2c-1032-4b22-9235-2b5b649d0605" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dcaa092b-7de9-4a21-977f-7fcb77e89c48" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dd43c543-bb85-4a6f-aa6e-160d90d06a49" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e3b6daca-e963-4a69-aee6-ed4fd653ad58" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e49ee9d2-0d98-44ef-85e5-5d3100065744" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e4dc8c01-417f-458d-9ee0-bb0617c1b391" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ea016b56-ae0e-47fe-967a-cc0ad51af67f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ea4c2f9c-9df1-477c-8c42-6da1118f2ac4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "eb2cb5cb-ae87-4de0-8c35-da2a17aafb99" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f2857333-11d4-45bf-b064-2c28d8525be5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f3c544dc-673c-4ef3-accb-53229f1ae077" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f4599aa0-4f85-4a32-80ea-fc39dc965945" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f4c1826f-a322-41cd-9557-562100848c84" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f5946b5e-9408-485f-a7f7-b5efc88909b6" ,
"type" : "detects"
}
] ,
"uuid" : "9bde2f9d-a695-4344-bfac-f2dce13d121e" ,
"value" : "OS API Execution"
} ,
{
"description" : "Contextual data about an account, which may include a username, user ID, environmental data, etc." ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "22905430-4901-4c2a-84f6-98243cb173f8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8c4aef43-48d5-49aa-b2af-c0cd58d30c3d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b5d0492b-cda4-421c-8e51-ed2b8d85c5d0" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "b6075259-dba3-44e9-87c7-e954f37ec0d5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b7dc639b-24cd-482d-a7f1-8897eda21023" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d50955c2-272d-4ac8-95da-10c29dda1c48" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dcaa092b-7de9-4a21-977f-7fcb77e89c48" ,
"type" : "detects"
}
] ,
"uuid" : "b5d0492b-cda4-421c-8e51-ed2b8d85c5d0" ,
"value" : "User Account Metadata"
} ,
{
"description" : "Changes made to an account, such as permissions and/or membership in specific groups (ex: Windows EID 4738 or /var/log access/authentication logs)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "2dbbdcd5-92cf-44c0-aea2-fe24783a6bc3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "35d30338-5bfa-41b0-a170-ec06dfd75f64" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3d333250-30e4-4a82-9edc-756c68afc529" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "3e6831b2-bf4c-4ae6-b328-2e7c6633b291" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "67720091-eee3-4d2d-ae16-8264567f6f5b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6fa224c7-5091-4595-bf15-3fc9fe2f2c7c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7decb26c-715c-40cf-b7e0-026f7d7cc215" ,
"type" : "detects"
} ,
{
"dest-uuid" : "890c9858-598c-401d-a4d5-c67ebcdd703a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8a2f40cf-8325-47f9-96e4-b1ca4c7389bd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a10641f4-87b4-45a3-a906-92a149cb2c27" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b24e2a20-3b3d-4bf0-823b-1ed765398fb0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b4409cd8-0da9-46e1-a401-a241afd4d1cc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cacc40da-4c9e-462c-80d5-fd70a178b12d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d27b0089-2c39-4b6c-84ff-303e48657e77" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "e74de37c-a829-446c-937d-56a44f0e9306" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f4c1826f-a322-41cd-9557-562100848c84" ,
"type" : "detects"
}
] ,
"uuid" : "d27b0089-2c39-4b6c-84ff-303e48657e77" ,
"value" : "User Account Modification"
} ,
{
"description" : "Opening a network share, which makes the contents available to the requestor (ex: Windows EID 5140 or 5145)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "246fd3c7-f5e3-466d-8787-4c13d9e3b61c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4f9ca633-15c5-463c-9724-bdcd54fde541" ,
"type" : "detects"
} ,
{
"dest-uuid" : "54a649ff-439a-41a4-9856-8d144a2551ba" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ae676644-d2d2-41b7-af7e-9bed1b55898c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b80d107d-fa0d-4b60-9684-b0433e8bdba0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bf90d72c-c00b-45e3-b3aa-68560560d4c5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f5468e67-51c7-4756-9b4f-65707708e7fa" ,
"type" : "included-in"
}
] ,
"uuid" : "f5468e67-51c7-4756-9b4f-65707708e7fa" ,
"value" : "Network Share Access"
} ,
{
"description" : "Initial construction of a network connection, such as capturing socket information with a source/destination IP and port(s) (ex: Windows EID 5156, Sysmon EID 3, or Zeek conn.log)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "005cc321-08ce-4d17-b1ea-cb5275926520" ,
"type" : "detects"
} ,
{
"dest-uuid" : "01327cde-66c4-4123-bf34-5f258d59457b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "01a5a209-b94c-450b-b7f9-946497d91055" ,
"type" : "detects"
} ,
{
"dest-uuid" : "08e22979-d320-48ed-8711-e7bf94aabb13" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0ad7bc5c-235a-4048-944b-3b286676cb74" ,
"type" : "detects"
} ,
{
"dest-uuid" : "10d51417-ee35-4589-b1ff-b6df1c334e8d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1608f3e1-598a-42f4-a01a-2e252e81728f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "181a9f8c-c780-4f1f-91a8-edb770e904ba" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "28abec6c-4443-4b03-8206-07f2e264a6b4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "29ba5a15-3b7b-4732-b817-65ea8f6468e6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2db31dcd-54da-405d-acef-b9129b816ed6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "365be77f-fc0e-42ee-bac8-4faf806d9336" ,
"type" : "detects"
} ,
{
"dest-uuid" : "389735f1-f21c-4208-b8f0-f8031e7169b8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "40597f16-0963-4249-bf4c-ac93b7fb9807" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4061e78c-1284-44b4-9116-73e4ac3912f7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "451a9977-d255-43c9-b431-66de80130c8c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "457c7820-d331-465a-915e-42f85500ccc4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4cbc6a62-9e34-4f94-8a19-5c1a11392a49" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4eeaf8a9-c86b-4954-a663-9555fb406466" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4f9ca633-15c5-463c-9724-bdcd54fde541" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4fe28b27-b13c-453e-a386-c2ef362a573b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "51ea26b1-ff1e-4faa-b1a0-1114cd298c87" ,
"type" : "detects"
} ,
{
"dest-uuid" : "52759bf1-fe12-4052-ace6-c5b0cf7dd7fd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "54a649ff-439a-41a4-9856-8d144a2551ba" ,
"type" : "detects"
} ,
{
"dest-uuid" : "60d0c01d-e2bf-49dd-a453-f8a9c9fa6f65" ,
"type" : "detects"
} ,
{
"dest-uuid" : "613d08bc-e8f4-4791-80b0-c8b974340dfd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "68a0c5ed-bee2-4513-830d-5b0d650139bd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "69b8fd78-40e8-4600-ae4d-662c9d7afdb3" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "718cb208-6446-4572-a2f0-9c799c60091e" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "731f4f55-b6d0-41d1-a7a9-072a66389aea" ,
"type" : "detects"
} ,
{
"dest-uuid" : "774a3188-6ba9-4dc4-879d-d54ee48a5ce9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "79a4052e-1a89-4b09-aea6-51f1d11fe19c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7bd9c723-2f78-4309-82c5-47cad406572b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7c46b364-8496-4234-8a56-f7e6727e21e1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7f0ca133-88c4-40c6-a62f-b3083a7fbc2e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "800f9819-7007-4540-a520-40e655876800" ,
"type" : "detects"
} ,
{
"dest-uuid" : "830c9528-df21-472c-8c14-a036bf17d665" ,
"type" : "detects"
} ,
{
"dest-uuid" : "840a987a-99bd-4a80-a5c9-0cb2baa6cade" ,
"type" : "detects"
} ,
{
"dest-uuid" : "84e02621-8fdf-470f-bd58-993bb6a89d91" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8868cb5b-d575-4a60-acb2-07d37389a2fd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8c32eb4d-805f-4fc5-bf60-c4d476c131b5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8e350c1d-ac79-4b5c-bd4e-7476d7e84ec5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "92d7da27-2d91-488e-a00c-059dc162766d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "939808a7-121d-467a-b028-4441ee8b7cee" ,
"type" : "detects"
} ,
{
"dest-uuid" : "986f80f7-ff0e-4f48-87bd-0394814bbce5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9c99724c-a483-4d60-ad9d-7f004e42e8e8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a19e86f8-1c0a-4fea-8407-23b73d615776" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "a718a0c8-5768-41a1-9958-a1cc3f995e99" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "a782ebe2-daba-42c7-bc82-e8e9d923162d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ae676644-d2d2-41b7-af7e-9bed1b55898c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b4694861-542c-48ea-9eb1-10d356e7140a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b97f1d35-4249-4486-a6b5-ee60ccf24fab" ,
"type" : "detects"
} ,
{
"dest-uuid" : "be055942-6e63-49d7-9fa1-9cb7d8a8f3f4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bf1b6176-597c-4600-bfcd-ac989670f96b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c3888c54-775d-4b2f-b759-75a2ececcbfd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c6a146ae-9c63-4606-97ff-e261e76e8380" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c8e87b83-edbb-48d4-9295-4974897525b7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cd25c1b4-935c-4f0e-ba8d-552f28bc4783" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d742a578-d70e-4d0e-96a6-02a9c30204e6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d916f176-a1ca-4a78-9fdd-4058bc28162e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dc31fe1e-d722-49da-8f5f-92c7b5aff534" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e358d692-23c0-4a31-9eb6-ecc13a8d7735" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e6919abc-99f9-4c6c-95a5-14761e7b2add" ,
"type" : "detects"
} ,
{
"dest-uuid" : "eb062747-2193-45de-8fa2-e62549c37ddf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ee7ff928-801c-4f34-8a99-3df965e581a5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ef67e13e-5598-4adc-bdb2-998225874fa9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f24faf46-3b26-4dbb-98f2-63460498e433" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f6dacc85-b37d-458e-b58d-74fc4bbf5755" ,
"type" : "detects"
} ,
{
"dest-uuid" : "fb8d023d-45be-47e9-bc51-f56bcae6435b" ,
"type" : "detects"
}
] ,
"uuid" : "181a9f8c-c780-4f1f-91a8-edb770e904ba" ,
"value" : "Network Connection Creation"
} ,
{
"description" : "Initial construction of new cloud storage infrastructure (ex: AWS S3 CreateBucket)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "59ec10d9-546b-4b8e-bccb-fa85f71e5055" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "d4bdbdea-eaec-4071-b4f9-5105e12ea4b6" ,
"type" : "detects"
}
] ,
"uuid" : "59ec10d9-546b-4b8e-bccb-fa85f71e5055" ,
"value" : "Cloud Storage Creation"
} ,
{
"description" : "Initial construction of new web credential material (ex: Windows EID 1200 or 4769)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "1f9c2bae-b441-4f66-a8af-b65946ee72f2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5f7c9def-0ddf-423b-b1f8-fb2ddeed0ce3" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "94cb00a4-b295-4d06-aa2b-5653b9c1be9c" ,
"type" : "detects"
}
] ,
"uuid" : "5f7c9def-0ddf-423b-b1f8-fb2ddeed0ce3" ,
"value" : "Web Credential Creation"
} ,
{
"description" : "Deactivation or stoppage of a cloud service (ex: AWS Cloudtrail StopLogging)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "3d333250-30e4-4a82-9edc-756c68afc529" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cacc40da-4c9e-462c-80d5-fd70a178b12d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ec0612c5-2644-4c50-bcac-82586974fedd" ,
"type" : "included-in"
}
] ,
"uuid" : "ec0612c5-2644-4c50-bcac-82586974fedd" ,
"value" : "Cloud Service Disable"
} ,
{
"description" : "Removal of cloud storage infrastructure (ex: AWS S3 DeleteBucket)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "4c41e296-b8d2-4a37-b789-eb565c87c00c" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "d45a3d09-b3cf-48f4-9f0f-f521ee5cb05c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f5d8eed6-48a9-4cdf-a3d7-d1ffa99c3d2a" ,
"type" : "detects"
}
] ,
"uuid" : "4c41e296-b8d2-4a37-b789-eb565c87c00c" ,
"value" : "Cloud Storage Deletion"
} ,
{
"description" : "An extracted list of cloud storage infrastructure (ex: AWS S3 ListBuckets or ListObjects)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "57a3d31a-d04f-4663-b2da-7df8ec3f8c9d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8565825b-21c8-4518-b75e-cbc4c717a156" ,
"type" : "detects"
} ,
{
"dest-uuid" : "fcc4811f-9cc8-4db5-8097-4d8242a380de" ,
"type" : "included-in"
}
] ,
"uuid" : "fcc4811f-9cc8-4db5-8097-4d8242a380de" ,
"value" : "Cloud Storage Enumeration"
} ,
{
"description" : "An extracted list of cloud services (ex: AWS ECS ListServices)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "3fc9b85a-2862-4363-a64d-d692e3ffbee0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8c826308-2760-492f-9e36-4f0f7e23bcac" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "cfb525cc-5494-401d-a82b-2539ca46a561" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e24fcba8-2557-4442-a139-1ee2f2e784db" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e3a12395-188d-4051-9a16-ea8e14d07b88" ,
"type" : "detects"
}
] ,
"uuid" : "8c826308-2760-492f-9e36-4f0f7e23bcac" ,
"value" : "Cloud Service Enumeration"
} ,
{
"description" : "Initial construction of a new scheduled job (ex: Windows EID 4698 or /var/log cron logs)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "005a06c6-14bf-4118-afa0-ebcd8aebb0c9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1126cab1-c700-412f-a510-61f4937bb096" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2acf44aa-542f-4366-b4eb-55ef5747759c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "35dd844a-b219-4e2b-a6bb-efa9a75995a9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a542bac9-7bc1-4da7-9a09-96f69e23cc21" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f3d95a1f-bba2-44ce-9af7-37866cd63fd0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f42df6f0-6395-4f0c-9376-525a031f00c3" ,
"type" : "included-in"
}
] ,
"uuid" : "f42df6f0-6395-4f0c-9376-525a031f00c3" ,
"value" : "Scheduled Job Creation"
} ,
{
"description" : "Initial construction of a successful new user logon following an authentication attempt. (e.g. Windows EID 4624, /var/log/utmp, or /var/log/wmtp)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "01327cde-66c4-4123-bf34-5f258d59457b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "06c00069-771a-4d57-8ef5-d3718c1a8771" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0c4b4fda-9062-47da-98b9-ceae2dcf052a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1608f3e1-598a-42f4-a01a-2e252e81728f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1f9c2bae-b441-4f66-a8af-b65946ee72f2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2db31dcd-54da-405d-acef-b9129b816ed6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "45241b9e-9bbc-4826-a2cc-78855e51ca09" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4d2a5b3e-340d-4600-9123-309dd63c9bf8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4f9ca633-15c5-463c-9724-bdcd54fde541" ,
"type" : "detects"
} ,
{
"dest-uuid" : "51a14c76-dd3b-440b-9c20-2bf91d25a814" ,
"type" : "detects"
} ,
{
"dest-uuid" : "544b0346-29ad-41e1-a808-501bb4193f47" ,
"type" : "detects"
} ,
{
"dest-uuid" : "54a649ff-439a-41a4-9856-8d144a2551ba" ,
"type" : "detects"
} ,
{
"dest-uuid" : "54ca26f3-c172-4231-93e5-ccebcac2161f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5b0ad6f8-6a16-4966-a4ef-d09ea6e2a9f5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "60d0c01d-e2bf-49dd-a453-f8a9c9fa6f65" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6151cbea-819b-455a-9fa6-99a1cc58797d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "65f2d882-3f41-4d48-8a06-29af77ec9f90" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7ad38ef1-381a-406d-872a-38b136eb5ecc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7b211ac6-c815-4189-93a9-ab415deca926" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7de1f7ac-5d0c-4c9c-8873-627202205331" ,
"type" : "detects"
} ,
{
"dest-uuid" : "861b8fd2-57f3-4ee1-ab5d-c19c3b8c7a4a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8861073d-d1b8-4941-82ce-dce621d398f0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "94cb00a4-b295-4d06-aa2b-5653b9c1be9c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "954a1639-f2d6-407d-aef3-4917622ca493" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9ce98c86-8d30-4043-ba54-0784d478d0b5" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "9fa07bef-9c81-421e-a8e5-ad4366c5a925" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b17a1a56-e99c-403c-8948-561df0cffe81" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b4409cd8-0da9-46e1-a401-a241afd4d1cc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b4694861-542c-48ea-9eb1-10d356e7140a" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "bbfbb096-6561-4d7d-aa2c-a5ee8e44c696" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "c3d4bdd9-2cfe-4a80-9d0c-07a29ecdce8f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cff94884-3b1c-4987-a70b-6d5643c621c3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d28ef391-8ed4-45dc-bc4a-2f43abf54416" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d4b96d2c-1032-4b22-9235-2b5b649d0605" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e0033c16-a07e-48aa-8204-7c3ca669998c" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "e24fcba8-2557-4442-a139-1ee2f2e784db" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "e49920b0-6c54-40c1-9571-73723653205f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e624264c-033a-424d-9fd7-fc9c3bbdb03e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "eb062747-2193-45de-8fa2-e62549c37ddf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f232fa7a-025c-4d43-abc7-318e81a73d65" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f4c1826f-a322-41cd-9557-562100848c84" ,
"type" : "detects"
} ,
{
"dest-uuid" : "fdc47f44-dd32-4b99-af5f-209f556f63c2" ,
"type" : "detects"
}
] ,
"uuid" : "9ce98c86-8d30-4043-ba54-0784d478d0b5" ,
"value" : "Logon Session Creation"
} ,
{
"description" : "Contextual data about cloud storage infrastructure and activity around it such as name, size, or owner" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "d4bdbdea-eaec-4071-b4f9-5105e12ea4b6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e214eb6d-de8f-4154-9015-6d47915fbed1" ,
"type" : "included-in"
}
] ,
"uuid" : "e214eb6d-de8f-4154-9015-6d47915fbed1" ,
"value" : "Cloud Storage Metadata"
} ,
{
"description" : "Contextual data about a cloud service and activity around it such as name, type, or purpose/function" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "0c4b4fda-9062-47da-98b9-ceae2dcf052a" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "144e007b-e638-431d-a894-45d90c54ab90" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "3298ce88-1628-43b1-87d9-0b5336b193d7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7d77a07d-02fe-4e88-8bd9-e9c008c01bf0" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "b33d36e3-d7ea-4895-8eed-19a08a8f7c4f" ,
"type" : "included-in"
}
] ,
"uuid" : "b33d36e3-d7ea-4895-8eed-19a08a8f7c4f" ,
"value" : "Cloud Service Metadata"
} ,
{
"description" : "Changes made to cloud storage infrastructure, including its settings and/or data (ex: AWS S3 PutObject or PutObjectAcl)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "1001e0d6-ee09-4dfc-aa90-e9320ffc8fe4" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "45977f14-1bcc-4ec4-ac14-a30fd3a11f44" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "b80d107d-fa0d-4b60-9684-b0433e8bdba0" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "d45a3d09-b3cf-48f4-9f0f-f521ee5cb05c" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "d4bdbdea-eaec-4071-b4f9-5105e12ea4b6" ,
"type" : "detects"
}
] ,
"uuid" : "45977f14-1bcc-4ec4-ac14-a30fd3a11f44" ,
"value" : "Cloud Storage Modification"
} ,
{
"description" : "Changes made to a cloud service, including its settings and/or data (ex: AWS CloudTrail DeleteTrail or DeleteConfigRule)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "0ce73446-8722-4086-9d43-514f1d0f669e" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "3d333250-30e4-4a82-9edc-756c68afc529" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "924d273c-be0d-4d8d-af58-2dddb15ef1e2" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "b6301b64-ef57-4cce-bb0b-77026f14a8db" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ca00366b-83a1-4c7b-a0ce-8ff950a7c87f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cacc40da-4c9e-462c-80d5-fd70a178b12d" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "cd25c1b4-935c-4f0e-ba8d-552f28bc4783" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "ceaeb6d8-95ee-4da2-9d42-dc6aa6ca43ae" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "e52d89f9-1710-4708-88a5-cbef77c4cd5e" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "e848506b-8484-4410-8017-3d235a52f5b3" ,
"type" : "detects"
2024-04-24 06:19:40 +00:00
} ,
{
"dest-uuid" : "f4c1826f-a322-41cd-9557-562100848c84" ,
"type" : "detects"
2024-01-12 16:08:06 +00:00
}
] ,
"uuid" : "e52d89f9-1710-4708-88a5-cbef77c4cd5e" ,
"value" : "Cloud Service Modification"
} ,
{
"description" : "Logged network traffic data showing both protocol header and body values (ex: PCAP)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "035bb001-ab69-4a0b-9f6c-2de8b09e1b9d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "03d7999c-1f4c-42cc-8373-e7690d318104" ,
"type" : "detects"
} ,
{
"dest-uuid" : "04fd5427-79c7-44ea-ae13-11b24778ff1c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0ad7bc5c-235a-4048-944b-3b286676cb74" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0cfe31a7-81fc-472c-bc45-e2808d1066a3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0df05477-c572-4ed6-88a9-47c581f548f7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "10d51417-ee35-4589-b1ff-b6df1c334e8d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "18cffc21-3260-437e-80e4-4ab8bf2ba5e9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1996eef1-ced3-4d7f-bf94-33298cabbf72" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1b20efbf-8063-4fc3-a07d-b575318a301b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "21875073-b0ee-49e3-9077-1e2a885359af" ,
"type" : "detects"
} ,
{
"dest-uuid" : "22379609-a99f-4a01-bd7e-70f3e105859d" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "241f9ea8-f6ae-4f38-92f5-cef5b7e539dd" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "24bfaeba-cb0d-4525-b3dc-507c77ecec41" ,
"type" : "detects"
} ,
{
"dest-uuid" : "274770e0-2612-4ccf-a678-ef8e7bad365d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2b742742-28c3-4e1b-bab7-8350d6300fa7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2bee5ffb-7a7a-4119-b1f2-158151b19ac0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2d3f5b3c-54ca-4f4d-bb1f-849346d31230" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2e34237d-8574-43f6-aace-ae2915de8597" ,
"type" : "detects"
} ,
{
"dest-uuid" : "355be19c-ffc9-46d5-8d50-d6a036c675b6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3772e279-27d6-477a-9fe3-c6beb363594c" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "38eb0c22-6caf-46ce-8869-5964bd735858" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3f886f2a-874f-4333-b794-aa6075009b1c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "40597f16-0963-4249-bf4c-ac93b7fb9807" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4061e78c-1284-44b4-9116-73e4ac3912f7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "43c9bc06-715b-42db-972f-52d25c09a20c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "43f2776f-b4bd-4118-94b8-fee47e69676d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "451a9977-d255-43c9-b431-66de80130c8c" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "48b836c6-e4ca-435a-82a3-29c03e5b492e" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "4d2a5b3e-340d-4600-9123-309dd63c9bf8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4fe28b27-b13c-453e-a386-c2ef362a573b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4ffc1794-ec3b-45be-9e52-42dbcb2af2de" ,
"type" : "detects"
} ,
{
"dest-uuid" : "51ea26b1-ff1e-4faa-b1a0-1114cd298c87" ,
"type" : "detects"
} ,
{
"dest-uuid" : "52759bf1-fe12-4052-ace6-c5b0cf7dd7fd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5282dd9a-d26d-4e16-88b7-7c0f4553daf4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "54b4c251-1f0e-4eba-ba6b-dbc7a6f6f06b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5502c4e9-24ef-4d5f-8ee9-9e906c2f82c4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "564998d8-ab3e-4123-93fb-eccaa6b9714a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5909f20f-3c39-4795-be06-ef1ea40d350b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "59ff91cd-1430-4075-8563-e6f15f4f9ff5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5b0ad6f8-6a16-4966-a4ef-d09ea6e2a9f5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5d0d3609-d06d-49e1-b9c9-b544e0c618cb" ,
"type" : "detects"
} ,
{
"dest-uuid" : "613d08bc-e8f4-4791-80b0-c8b974340dfd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "650c784b-7504-4df7-ab2c-4ea882384d1e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "67073dde-d720-45ae-83da-b12d5e73ca3b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "69b8fd78-40e8-4600-ae4d-662c9d7afdb3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "69f897fd-12a9-4c89-ad6a-46d2f3c38262" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6c49d50f-494d-4150-b774-a655022d20a6" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "718cb208-6446-4572-a2f0-9c799c60091e" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "731f4f55-b6d0-41d1-a7a9-072a66389aea" ,
"type" : "detects"
} ,
{
"dest-uuid" : "767dbf9e-df3f-45cb-8998-4903ab5f80c0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "774a3188-6ba9-4dc4-879d-d54ee48a5ce9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "799ace7f-e227-4411-baa0-8868704f2a69" ,
"type" : "detects"
} ,
{
"dest-uuid" : "79a4052e-1a89-4b09-aea6-51f1d11fe19c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7bd9c723-2f78-4309-82c5-47cad406572b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "800f9819-7007-4540-a520-40e655876800" ,
"type" : "detects"
} ,
{
"dest-uuid" : "81033c3b-16a4-46e4-8fed-9b030dd03c4a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "830c9528-df21-472c-8c14-a036bf17d665" ,
"type" : "detects"
} ,
{
"dest-uuid" : "83a766f8-1501-4b3a-a2de-2e2849e8dfc1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "86a96bf6-cf8b-411c-aaeb-8959944d64f7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8982a661-d84c-48c0-b4ec-1db29c6cf3bc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8c32eb4d-805f-4fc5-bf60-c4d476c131b5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8c41090b-aa47-4331-986b-8c9a51a91103" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8e350c1d-ac79-4b5c-bd4e-7476d7e84ec5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "92d7da27-2d91-488e-a00c-059dc162766d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9a60a291-8960-4387-8a4a-2ab5c18bb50b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9c99724c-a483-4d60-ad9d-7f004e42e8e8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9db0cf3a-a3c9-4012-8268-123b9db6fd82" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9e7452df-5144-4b6e-b04a-b66dd4016747" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9fa07bef-9c81-421e-a8e5-ad4366c5a925" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a19e86f8-1c0a-4fea-8407-23b73d615776" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a62a8db3-f23a-4d8f-afd6-9dbc77e7813b" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "a718a0c8-5768-41a1-9958-a1cc3f995e99" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "a750a9f6-0bde-4bb3-9aae-1e2786e9780c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a782ebe2-daba-42c7-bc82-e8e9d923162d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ac9e6b22-11bf-45d7-9181-c1cb08360931" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ad255bfe-a9e6-4b52-a258-8d3462abe842" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ae676644-d2d2-41b7-af7e-9bed1b55898c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b18eae87-b469-4e14-b454-b171b416bc18" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b1ccd744-3f78-4a0e-9bb2-2002057f7928" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b77cf5f3-6060-475d-bd60-40ccbf28fdc2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b8017880-4b1e-42de-ad10-ae7ac6705166" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b8902400-e6c5-4ba2-95aa-2d35b442b118" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ba04e672-da86-4e69-aa15-0eca5db25f43" ,
"type" : "detects"
} ,
{
"dest-uuid" : "be055942-6e63-49d7-9fa1-9cb7d8a8f3f4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bed04f7d-e48a-4e76-bd0f-4c57fe31fc46" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bf176076-b789-408e-8cba-7275e81c0ada" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bf1b6176-597c-4600-bfcd-ac989670f96b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bf90d72c-c00b-45e3-b3aa-68560560d4c5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c21d5a77-d422-4a69-acd7-2c53c1faa34b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c325b232-d5bc-4dde-a3ec-71f3db9e8adc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c675646d-e204-4aa8-978d-e3d6d65885c4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ca9d3402-ada3-484d-876a-d717bd6e05f2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cabe189c-a0e3-4965-a473-dcff00f17213" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cc7b8c4e-9be0-47ca-b0bb-83915ec3ee2f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cca0ccb6-a068-4574-a722-b1556f86833a" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "cd25c1b4-935c-4f0e-ba8d-552f28bc4783" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "cdfc5f0a-9bb9-4352-b896-553cfa2d8fd8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d0613359-5781-4fd2-b5be-c269270be1f6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d456de47-a16f-4e46-8980-e67478a12dcb" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d467bc38-284b-4a00-96ac-125f447799fc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d4bdbdea-eaec-4071-b4f9-5105e12ea4b6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d742a578-d70e-4d0e-96a6-02a9c30204e6" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "db8f5003-3b20-48f0-9b76-123e44208120" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "dc31fe1e-d722-49da-8f5f-92c7b5aff534" ,
"type" : "detects"
} ,
{
"dest-uuid" : "defc1257-4db1-4fb3-8ef5-bb77f63146df" ,
"type" : "detects"
} ,
{
"dest-uuid" : "df8b2a25-8bdf-4856-953c-a04372b1c161" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e0033c16-a07e-48aa-8204-7c3ca669998c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e6919abc-99f9-4c6c-95a5-14761e7b2add" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "eb897572-8979-4242-a089-56f294f4c91d" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "ee7ff928-801c-4f34-8a99-3df965e581a5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "eec23884-3fa1-4d8a-ac50-6f104d51e235" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ef67e13e-5598-4adc-bdb2-998225874fa9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f303a39a-6255-4b89-aecc-18c4d8ca7163" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f6ad61ee-65f3-4bd0-a3f5-2f0accb36317" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f6dacc85-b37d-458e-b58d-74fc4bbf5755" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f7827069-0bf2-4764-af4f-23fae0d181b7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f7c0689c-4dbd-489b-81be-7cb7c7079ade" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f870408c-b1cd-49c7-a5c7-0ef0fc496cc6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "fb8d023d-45be-47e9-bc51-f56bcae6435b" ,
"type" : "detects"
}
] ,
"uuid" : "3772e279-27d6-477a-9fe3-c6beb363594c" ,
"value" : "Network Traffic Content"
} ,
{
"description" : "An attempt by a user to gain access to a network or computing resource by providing web credentials (ex: Windows EID 1202)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "1f9c2bae-b441-4f66-a8af-b65946ee72f2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "51a14c76-dd3b-440b-9c20-2bf91d25a814" ,
"type" : "detects"
} ,
{
"dest-uuid" : "861b8fd2-57f3-4ee1-ab5d-c19c3b8c7a4a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "94cb00a4-b295-4d06-aa2b-5653b9c1be9c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c3c8c916-2f3c-4e71-94b2-240bdfc996f0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f005e783-57d4-4837-88ad-dbe7faee1c51" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ff93f688-d7a4-49cf-9c79-a14454da8428" ,
"type" : "included-in"
}
] ,
"uuid" : "ff93f688-d7a4-49cf-9c79-a14454da8428" ,
"value" : "Web Credential Usage"
} ,
{
"description" : "Changes made to a firewall rule, typically to allow/block specific network traffic (ex: Windows EID 4950 or Write/Delete entries within Azure Firewall Rule Collection Activity Logs)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "3975dbb5-0e1e-4f5b-bae1-cf2ab84b46dc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3d333250-30e4-4a82-9edc-756c68afc529" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5372c5fe-f424-4def-bcd5-d3a8e770f07b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "77532a55-c283-4cd2-bc5d-2d0b65e9d88c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "799ace7f-e227-4411-baa0-8868704f2a69" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d2ff4b56-8351-4ed8-b0fb-d8605366005f" ,
"type" : "included-in"
}
] ,
"uuid" : "d2ff4b56-8351-4ed8-b0fb-d8605366005f" ,
"value" : "Firewall Rule Modification"
} ,
{
"description" : "Summarized network packet data, with metrics, such as protocol headers and volume (ex: Netflow or Zeek http.log)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "005a06c6-14bf-4118-afa0-ebcd8aebb0c9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "035bb001-ab69-4a0b-9f6c-2de8b09e1b9d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "03d7999c-1f4c-42cc-8373-e7690d318104" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0bda01d5-4c1d-4062-8ee2-6872334383c3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0df05477-c572-4ed6-88a9-47c581f548f7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0f4fb01b-d57a-4375-b7a2-342c9d3248f7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "10d51417-ee35-4589-b1ff-b6df1c334e8d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "118f61a5-eb3e-4fb6-931f-2096647f4ecd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "18cffc21-3260-437e-80e4-4ab8bf2ba5e9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1996eef1-ced3-4d7f-bf94-33298cabbf72" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "241f9ea8-f6ae-4f38-92f5-cef5b7e539dd" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "2959d63f-73fd-46a1-abd2-109d7dcede32" ,
"type" : "detects"
} ,
{
"dest-uuid" : "29ba5a15-3b7b-4732-b817-65ea8f6468e6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2b742742-28c3-4e1b-bab7-8350d6300fa7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2bee5ffb-7a7a-4119-b1f2-158151b19ac0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2d3f5b3c-54ca-4f4d-bb1f-849346d31230" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2e34237d-8574-43f6-aace-ae2915de8597" ,
"type" : "detects"
} ,
{
"dest-uuid" : "355be19c-ffc9-46d5-8d50-d6a036c675b6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "36b2a1d7-e09e-49bf-b45e-477076c2ec01" ,
"type" : "detects"
} ,
{
"dest-uuid" : "38eb0c22-6caf-46ce-8869-5964bd735858" ,
"type" : "detects"
} ,
{
"dest-uuid" : "40597f16-0963-4249-bf4c-ac93b7fb9807" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4061e78c-1284-44b4-9116-73e4ac3912f7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "43f2776f-b4bd-4118-94b8-fee47e69676d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "451a9977-d255-43c9-b431-66de80130c8c" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "48b836c6-e4ca-435a-82a3-29c03e5b492e" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "4d2a5b3e-340d-4600-9123-309dd63c9bf8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4eeaf8a9-c86b-4954-a663-9555fb406466" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4f9ca633-15c5-463c-9724-bdcd54fde541" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4fe28b27-b13c-453e-a386-c2ef362a573b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4ffc1794-ec3b-45be-9e52-42dbcb2af2de" ,
"type" : "detects"
} ,
{
"dest-uuid" : "51ea26b1-ff1e-4faa-b1a0-1114cd298c87" ,
"type" : "detects"
} ,
{
"dest-uuid" : "54a649ff-439a-41a4-9856-8d144a2551ba" ,
"type" : "detects"
} ,
{
"dest-uuid" : "54b4c251-1f0e-4eba-ba6b-dbc7a6f6f06b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5502c4e9-24ef-4d5f-8ee9-9e906c2f82c4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "57340c81-c025-4189-8fa0-fc7ede51bae4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "59ff91cd-1430-4075-8563-e6f15f4f9ff5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5b0ad6f8-6a16-4966-a4ef-d09ea6e2a9f5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5ca3c7ec-55b2-4587-9376-cf6c96f8047a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5d0d3609-d06d-49e1-b9c9-b544e0c618cb" ,
"type" : "detects"
} ,
{
"dest-uuid" : "60d0c01d-e2bf-49dd-a453-f8a9c9fa6f65" ,
"type" : "detects"
} ,
{
"dest-uuid" : "613d08bc-e8f4-4791-80b0-c8b974340dfd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "650c784b-7504-4df7-ab2c-4ea882384d1e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "67073dde-d720-45ae-83da-b12d5e73ca3b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "69b8fd78-40e8-4600-ae4d-662c9d7afdb3" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "718cb208-6446-4572-a2f0-9c799c60091e" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "731f4f55-b6d0-41d1-a7a9-072a66389aea" ,
"type" : "detects"
} ,
{
"dest-uuid" : "774a3188-6ba9-4dc4-879d-d54ee48a5ce9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "79a4052e-1a89-4b09-aea6-51f1d11fe19c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7bd9c723-2f78-4309-82c5-47cad406572b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7c46b364-8496-4234-8a56-f7e6727e21e1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "800f9819-7007-4540-a520-40e655876800" ,
"type" : "detects"
} ,
{
"dest-uuid" : "830c9528-df21-472c-8c14-a036bf17d665" ,
"type" : "detects"
} ,
{
"dest-uuid" : "84e02621-8fdf-470f-bd58-993bb6a89d91" ,
"type" : "detects"
} ,
{
"dest-uuid" : "86a96bf6-cf8b-411c-aaeb-8959944d64f7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8868cb5b-d575-4a60-acb2-07d37389a2fd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8982a661-d84c-48c0-b4ec-1db29c6cf3bc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8e350c1d-ac79-4b5c-bd4e-7476d7e84ec5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "92d7da27-2d91-488e-a00c-059dc162766d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "948a447c-d783-4ba0-8516-a64140fcacd5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9a60a291-8960-4387-8a4a-2ab5c18bb50b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9c99724c-a483-4d60-ad9d-7f004e42e8e8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9e7452df-5144-4b6e-b04a-b66dd4016747" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a19e86f8-1c0a-4fea-8407-23b73d615776" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a62a8db3-f23a-4d8f-afd6-9dbc77e7813b" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "a718a0c8-5768-41a1-9958-a1cc3f995e99" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "a782ebe2-daba-42c7-bc82-e8e9d923162d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a7f22107-02e5-4982-9067-6625d4a1765a" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "ac9e6b22-11bf-45d7-9181-c1cb08360931" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ae676644-d2d2-41b7-af7e-9bed1b55898c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b18eae87-b469-4e14-b454-b171b416bc18" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b77cf5f3-6060-475d-bd60-40ccbf28fdc2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b8017880-4b1e-42de-ad10-ae7ac6705166" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ba04e672-da86-4e69-aa15-0eca5db25f43" ,
"type" : "detects"
} ,
{
"dest-uuid" : "be055942-6e63-49d7-9fa1-9cb7d8a8f3f4" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "be2dcee9-a7a7-4e38-afd6-21b31ecc3d63" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "bf1b6176-597c-4600-bfcd-ac989670f96b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bf90d72c-c00b-45e3-b3aa-68560560d4c5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c21d5a77-d422-4a69-acd7-2c53c1faa34b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c3888c54-775d-4b2f-b759-75a2ececcbfd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c675646d-e204-4aa8-978d-e3d6d65885c4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cabe189c-a0e3-4965-a473-dcff00f17213" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cca0ccb6-a068-4574-a722-b1556f86833a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cd25c1b4-935c-4f0e-ba8d-552f28bc4783" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d0613359-5781-4fd2-b5be-c269270be1f6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d40239b3-05ff-46d8-9bdd-b46d13463ef9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d456de47-a16f-4e46-8980-e67478a12dcb" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d74c4a7e-ffbf-432f-9365-7ebf1f787cab" ,
"type" : "detects"
} ,
{
"dest-uuid" : "db8f5003-3b20-48f0-9b76-123e44208120" ,
"type" : "detects"
} ,
{
"dest-uuid" : "defc1257-4db1-4fb3-8ef5-bb77f63146df" ,
"type" : "detects"
} ,
{
"dest-uuid" : "df8b2a25-8bdf-4856-953c-a04372b1c161" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e0033c16-a07e-48aa-8204-7c3ca669998c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e3a12395-188d-4051-9a16-ea8e14d07b88" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e6919abc-99f9-4c6c-95a5-14761e7b2add" ,
"type" : "detects"
} ,
{
"dest-uuid" : "eb062747-2193-45de-8fa2-e62549c37ddf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f1951e8a-500e-4a26-8803-76d95c4554b4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f24faf46-3b26-4dbb-98f2-63460498e433" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f303a39a-6255-4b89-aecc-18c4d8ca7163" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f3d95a1f-bba2-44ce-9af7-37866cd63fd0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f6ad61ee-65f3-4bd0-a3f5-2f0accb36317" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f6dacc85-b37d-458e-b58d-74fc4bbf5755" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f7827069-0bf2-4764-af4f-23fae0d181b7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f870408c-b1cd-49c7-a5c7-0ef0fc496cc6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "fb8d023d-45be-47e9-bc51-f56bcae6435b" ,
"type" : "detects"
}
] ,
"uuid" : "a7f22107-02e5-4982-9067-6625d4a1765a" ,
"value" : "Network Traffic Flow"
} ,
{
"description" : "Contextual data about a scheduled job, which may include information such as name, timing, command(s), etc." ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "42e8de7b-37b2-4258-905a-6897815e58e0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7b375092-3a61-448d-900a-77c9a4bde4dc" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "7bdca9d5-d500-4d7d-8c52-5fd47baf4c0c" ,
"type" : "detects"
}
] ,
"uuid" : "7b375092-3a61-448d-900a-77c9a4bde4dc" ,
"value" : "Scheduled Job Metadata"
} ,
{
"description" : "Changes made to a scheduled job, such as modifications to the execution launch (ex: Windows EID 4702 or /var/log cron logs)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "42e8de7b-37b2-4258-905a-6897815e58e0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "799ace7f-e227-4411-baa0-8868704f2a69" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7bdca9d5-d500-4d7d-8c52-5fd47baf4c0c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d2c4e5ea-dbdf-4113-805a-b1e2a337fb33" ,
"type" : "detects"
} ,
{
"dest-uuid" : "faa34cf6-cf32-4dc9-bd6a-8f7a606ff65b" ,
"type" : "included-in"
}
] ,
"uuid" : "faa34cf6-cf32-4dc9-bd6a-8f7a606ff65b" ,
"value" : "Scheduled Job Modification"
} ,
{
"description" : "An object file that contains code to extend the running kernel of an OS, typically used to add support for new hardware (as device drivers) and/or filesystems, or for adding system calls" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "1ecb2399-e8ba-4f6b-8ba7-5c27d49405cf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "23e4ee78-26f3-4fcf-ba43-ab953962f96c" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "4a5b7ade-8bb5-4853-84ed-23f262002665" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a1b52199-c8c5-438a-9ded-656f1d0888c6" ,
"type" : "detects"
}
] ,
"uuid" : "23e4ee78-26f3-4fcf-ba43-ab953962f96c" ,
"value" : "Kernel Module Load"
} ,
{
"description" : "Contextual data about a logon session, such as username, logon type, access tokens (security context, user SIDs, logon identifiers, and logon SID), and any activity associated within it" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "10d51417-ee35-4589-b1ff-b6df1c334e8d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1f9c2bae-b441-4f66-a8af-b65946ee72f2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "39b9db72-8b48-4595-a18d-db5bbba3091b" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "3fc01293-ef5e-41c6-86ce-61f10706b64a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "768dce68-8d0d-477a-b01d-0eea98b963a1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "954a1639-f2d6-407d-aef3-4917622ca493" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9fa07bef-9c81-421e-a8e5-ad4366c5a925" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b17a1a56-e99c-403c-8948-561df0cffe81" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c3d4bdd9-2cfe-4a80-9d0c-07a29ecdce8f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d273434a-448e-4598-8e14-607f4a0d5e27" ,
"type" : "detects"
} ,
{
"dest-uuid" : "eb062747-2193-45de-8fa2-e62549c37ddf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f232fa7a-025c-4d43-abc7-318e81a73d65" ,
"type" : "detects"
} ,
{
"dest-uuid" : "fdc47f44-dd32-4b99-af5f-209f556f63c2" ,
"type" : "detects"
}
] ,
"uuid" : "39b9db72-8b48-4595-a18d-db5bbba3091b" ,
"value" : "Logon Session Metadata"
} ,
{
"description" : "Contextual data about a named pipe on a system, including pipe name and creating process (ex: Sysmon EIDs 17-18)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "b9a1578e-8653-4103-be23-cb52e0b1816e" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "bf90d72c-c00b-45e3-b3aa-68560560d4c5" ,
"type" : "detects"
}
] ,
"uuid" : "b9a1578e-8653-4103-be23-cb52e0b1816e" ,
"value" : "Named Pipe Metadata"
} ,
2024-04-24 06:19:40 +00:00
{
"description" : "Additional assets included with an application" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "613788f2-ad72-43f5-b5f7-a93e2adc70fa" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "dfafc230-5465-4993-8dc5-f51fa9fec002" ,
"type" : "detects"
}
] ,
"uuid" : "613788f2-ad72-43f5-b5f7-a93e2adc70fa" ,
"value" : "Application Assets"
} ,
2024-01-12 16:08:06 +00:00
{
"description" : "API calls utilized by an application that could indicate malicious activity" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "0cdd66ad-26ac-4338-a764-4972a1e17ee3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0d95940f-9583-4e0f-824c-a42c1be47fad" ,
"type" : "detects"
} ,
{
"dest-uuid" : "114fed8b-7eed-4136-8b9c-411c5c7fff4b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "198ce408-1470-45ee-b47f-7056050d4fc2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1b51f5bc-b97a-498a-8dbd-bc6b1901bf19" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1d44f529-6fe6-489f-8a01-6261ac43f05e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1ff89c1b-7615-4fe8-b9cb-63aaf52e6dee" ,
"type" : "detects"
} ,
{
"dest-uuid" : "20b0931a-8952-42ca-975f-775bad295f1a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "233fe2c0-cb41-4765-b454-e0087597fbce" ,
"type" : "detects"
} ,
{
"dest-uuid" : "27d18e87-8f32-4be1-b456-39b90454360f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "28fdd23d-aee3-4afe-bc3f-5f1f52929258" ,
"type" : "detects"
} ,
{
"dest-uuid" : "29f1f56c-7b7a-4c14-9e39-59577ea2743c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "351c0927-2fc1-4a2c-ad84-cbbee7eb8172" ,
"type" : "detects"
} ,
{
"dest-uuid" : "498e7b81-238d-404c-aa5e-332904d63286" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4f14e30b-8b57-4a7b-9093-2c0778ea99cf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "51636761-2e35-44bf-9e56-e337adf97174" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5ae32c6a-2d12-4b8f-81ca-f862f2be0962" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "648f8051-1a35-46d3-b1d8-3a3f5cf2cc8e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "693cdbff-ea73-49c6-ac3f-91e7285c31d1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6c49d50f-494d-4150-b774-a655022d20a6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6ffad4be-bfe0-424f-abde-4d9a84a800ad" ,
"type" : "detects"
} ,
{
"dest-uuid" : "702055ac-4e54-4ae9-9527-e23a38e0b160" ,
"type" : "detects"
} ,
{
"dest-uuid" : "73c26732-6422-4081-8b63-6d0ae93d449e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "74e6003f-c7f4-4047-983b-708cc19b96b6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7827ced0-95e7-4d05-bdcf-0d8f2d37a3d3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "789ef15a-34d9-4b32-a779-8cbbc9eb32f5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8605a0ec-b44a-4e98-a7fc-87d4bd3acb66" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9558a84e-2d5e-4872-918e-d847494a8ffc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9ef14445-6f35-4ed0-a042-5024f13a9242" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b7c0e45f-0206-4f75-96e7-fe7edad3aaff" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c4b96c0b-cb58-497a-a1c2-bb447d79d692" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c548d8c4-a0a3-4a24-bb79-2a84abbc7b36" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cc6e0637-76d2-4af3-a604-9d8d3ff8a6b3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d13fa042-8f26-44e1-a2a8-af0bf8e2ac9a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d9e88203-2b5d-405f-a406-2933b1e3d7e4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dc01774a-d1c1-45fb-b506-0a5d1d6593d9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e422b6fa-4739-46b9-992e-82f1b350c780" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f05fc151-aa62-47e3-ae57-2d1b23d64bf6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f856eaab-e84a-4265-a8a2-7bf37e5dc2fc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "fc53309d-ebd5-4573-9242-57024ebdad4f" ,
"type" : "detects"
}
] ,
"uuid" : "5ae32c6a-2d12-4b8f-81ca-f862f2be0962" ,
"value" : "API Calls"
} ,
{
"description" : "Queried domain name system (DNS) registry data highlighting current domain to IP address resolutions (ex: dig/nslookup queries)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "0458aab9-ad42-4eac-9e22-706a95bafee2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2e521444-7295-4dec-96c1-7595b2df7811" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "40f5caa0-4cb7-4117-89fc-d421bb493df3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7e3beebd-8bfe-4e7b-a892-e44ab06a75f9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c2f59d25-87fe-44aa-8f83-e8e59d077bf5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f9cc4d06-775f-4ee1-b401-4e2cc0da30ba" ,
"type" : "detects"
}
] ,
"uuid" : "2e521444-7295-4dec-96c1-7595b2df7811" ,
"value" : "Active DNS"
} ,
{
"description" : "Opening of a data storage device with an assigned drive letter or mount point" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "0af0ca99-357d-4ba1-805f-674fdfb7bef9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0c8ab3eb-df48-4b9c-ace7-beacaac81cc5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1988cc35-ced8-4dad-b2d1-7628488fa967" ,
"type" : "detects"
} ,
{
"dest-uuid" : "64196062-5210-42c3-9a02-563a0d1797ef" ,
"type" : "detects"
} ,
{
"dest-uuid" : "73ff2dcc-24b1-4368-b9dc-706dd9e68354" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "fb640c43-aa6b-431e-a961-a279010424ac" ,
"type" : "detects"
}
] ,
"uuid" : "73ff2dcc-24b1-4368-b9dc-706dd9e68354" ,
"value" : "Drive Access"
} ,
{
"description" : "Opening a file, which makes the file contents available to the requestor (ex: Windows EID 4663)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "03d7999c-1f4c-42cc-8373-e7690d318104" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22" ,
"type" : "detects"
} ,
{
"dest-uuid" : "10ffac09-e42d-4f56-ab20-db94c67d76ff" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1608f3e1-598a-42f4-a01a-2e252e81728f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1644e709-12d2-41e5-a60f-3470991f5011" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1b7ba276-eedc-4951-a762-0ceea2c030ec" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1c34f7aa-9341-4a48-bfab-af22e51aca6c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1e9eb839-294b-48cc-b0d3-c45555a2a004" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1eaebf46-e361-4437-bc23-d5d65a3b92e3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "235b7491-2d2b-4617-9a52-3c0783680f71" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "25659dd6-ea12-45c4-97e6-381e3e4b593e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "30208d3e-0d6b-43c8-883e-44462a514619" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3120b9fa-23b8-4500-ae73-09494f607b7d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "315f51f0-6b03-4c1e-bfb2-84740afb8e21" ,
"type" : "detects"
} ,
{
"dest-uuid" : "359b00ad-9425-420b-bba5-6de8d600cbc0" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "394220d9-8efc-4252-9040-664f7b115be6" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "3b744087-9945-4a6f-91e8-9dbceda417a4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3c4a2599-71ee-4405-ba1e-0e28414b4bc5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3fc01293-ef5e-41c6-86ce-61f10706b64a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3fc9b85a-2862-4363-a64d-d692e3ffbee0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "40597f16-0963-4249-bf4c-ac93b7fb9807" ,
"type" : "detects"
} ,
{
"dest-uuid" : "435dfb86-2697-4867-85b5-2fef496c0517" ,
"type" : "detects"
} ,
{
"dest-uuid" : "43f2776f-b4bd-4118-94b8-fee47e69676d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "51ea26b1-ff1e-4faa-b1a0-1114cd298c87" ,
"type" : "detects"
} ,
{
"dest-uuid" : "58a3e6aa-4453-4cc8-a51f-4befe80b31a8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5e4a2073-9643-44cb-a0b5-e7f4048446c7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "60b508a1-6a5e-46b1-821a-9f7b78752abf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "613d08bc-e8f4-4791-80b0-c8b974340dfd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "72b74d71-8169-42aa-92e0-e7b04b9f5a08" ,
"type" : "detects"
} ,
{
"dest-uuid" : "774a3188-6ba9-4dc4-879d-d54ee48a5ce9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "79a4052e-1a89-4b09-aea6-51f1d11fe19c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7dd95ff6-712e-4056-9626-312ea4ab4c5e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7de1f7ac-5d0c-4c9c-8873-627202205331" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8187bd2a-866f-4457-9009-86b0ddedffa3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "837f9164-50af-4ac0-8219-379d8a74cefc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "866d0d6d-02c6-42bd-aa2f-02907fdc0969" ,
"type" : "detects"
} ,
{
"dest-uuid" : "86a96bf6-cf8b-411c-aaeb-8959944d64f7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8d7bd4f5-3a89-4453-9c82-2c8894d5655e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8e350c1d-ac79-4b5c-bd4e-7476d7e84ec5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "92d7da27-2d91-488e-a00c-059dc162766d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a19e86f8-1c0a-4fea-8407-23b73d615776" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a3e1e6c5-9c74-4fc0-a16c-a9d228c17829" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ae676644-d2d2-41b7-af7e-9bed1b55898c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b77cf5f3-6060-475d-bd60-40ccbf28fdc2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bf1b6176-597c-4600-bfcd-ac989670f96b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d0b4fcdb-d67d-4ed2-99ce-788b12f8c0f4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d336b553-5da9-46ca-98a8-0b23f49fb447" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e358d692-23c0-4a31-9eb6-ecc13a8d7735" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e6415f09-df0e-48de-9aba-928c902b7549" ,
"type" : "detects"
} ,
{
"dest-uuid" : "edf91964-b26e-4b4a-9600-ccacd7d7df24" ,
"type" : "detects"
} ,
{
"dest-uuid" : "fb8d023d-45be-47e9-bc51-f56bcae6435b" ,
"type" : "detects"
}
] ,
"uuid" : "235b7491-2d2b-4617-9a52-3c0783680f71" ,
"value" : "File Access"
} ,
{
"description" : "Opening of a process by another process, typically to read memory of the target process (ex: Sysmon EID 10)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "03d7999c-1f4c-42cc-8373-e7690d318104" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22" ,
"type" : "detects"
} ,
{
"dest-uuid" : "10ffac09-e42d-4f56-ab20-db94c67d76ff" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1887a270-576a-4049-84de-ef746b2572d6" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "1a80d097-54df-41d8-9d33-34e755ec5e72" ,
"type" : "detects"
} ,
{
"dest-uuid" : "315f51f0-6b03-4c1e-bfb2-84740afb8e21" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3fc9b85a-2862-4363-a64d-d692e3ffbee0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "41d9846c-f6af-4302-a654-24bba2729bc6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "43e7dc91-05b2-474c-b9ac-2ed4fe101f4d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "544b0346-29ad-41e1-a808-501bb4193f47" ,
"type" : "detects"
} ,
{
"dest-uuid" : "58a3e6aa-4453-4cc8-a51f-4befe80b31a8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "65f2d882-3f41-4d48-8a06-29af77ec9f90" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7c0f17c9-1af6-4628-9cbd-9e45482dd605" ,
"type" : "detects"
} ,
{
"dest-uuid" : "806a49c4-970d-43f9-9acc-ac0ee11e6662" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8252f135-ed26-4ce1-ae61-f26e94429a19" ,
"type" : "detects"
} ,
{
"dest-uuid" : "acd0ba37-7ba9-4cc5-ac61-796586cd856d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b200542e-e877-4395-875b-cf1a44537ca4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d4b96d2c-1032-4b22-9235-2b5b649d0605" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e49ee9d2-0d98-44ef-85e5-5d3100065744" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ea016b56-ae0e-47fe-967a-cc0ad51af67f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f4599aa0-4f85-4a32-80ea-fc39dc965945" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f4c1826f-a322-41cd-9557-562100848c84" ,
"type" : "detects"
}
] ,
"uuid" : "1887a270-576a-4049-84de-ef746b2572d6" ,
"value" : "Process Access"
} ,
{
"description" : "Initial construction of a new container (ex: docker create <container_name>)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "106c0cf6-bf73-4601-9aa8-0945c2715ec5" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "1126cab1-c700-412f-a510-61f4937bb096" ,
"type" : "detects"
} ,
{
"dest-uuid" : "35dd844a-b219-4e2b-a6bb-efa9a75995a9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4a5b7ade-8bb5-4853-84ed-23f262002665" ,
"type" : "detects"
} ,
{
"dest-uuid" : "56e0d8b8-3e25-49dd-9050-3aa252f5aa92" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8c32eb4d-805f-4fc5-bf60-c4d476c131b5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a5ae90ca-0c4b-481c-959f-0eb18a7ff953" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "b0c74ef9-c61e-4986-88cb-78da98a355ec" ,
"type" : "detects"
2024-04-24 06:19:40 +00:00
} ,
{
"dest-uuid" : "b0e54bf7-835e-4f44-bd8e-62f431b9b76a" ,
"type" : "detects"
2024-01-12 16:08:06 +00:00
}
] ,
"uuid" : "a5ae90ca-0c4b-481c-959f-0eb18a7ff953" ,
"value" : "Container Creation"
} ,
{
"description" : "Initial construction of a drive letter or mount point to a data storage device" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "3b744087-9945-4a6f-91e8-9dbceda417a4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3d6e6b3b-4aa8-40e1-8c47-91db0f313d9f" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "64196062-5210-42c3-9a02-563a0d1797ef" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a3e1e6c5-9c74-4fc0-a16c-a9d228c17829" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d40239b3-05ff-46d8-9bdd-b46d13463ef9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e6415f09-df0e-48de-9aba-928c902b7549" ,
"type" : "detects"
}
] ,
"uuid" : "3d6e6b3b-4aa8-40e1-8c47-91db0f313d9f" ,
"value" : "Drive Creation"
} ,
{
"description" : "An extracted list of containers (ex: docker ps)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "0470e792-32f8-46b0-a351-652bc35e9336" ,
"type" : "detects"
} ,
{
"dest-uuid" : "91b3ed33-d1b5-4c4b-a896-76c55eb3cfd8" ,
"type" : "included-in"
}
] ,
"uuid" : "91b3ed33-d1b5-4c4b-a896-76c55eb3cfd8" ,
"value" : "Container Enumeration"
} ,
{
"description" : "The execution of a line of text, potentially with arguments, created from program code (e.g. a cmdlet executed via powershell.exe, interactive commands like >dir, shell executions, etc. )" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "005a06c6-14bf-4118-afa0-ebcd8aebb0c9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "00f90846-cbd1-4fc5-9233-df5c2bf2a662" ,
"type" : "detects"
} ,
{
"dest-uuid" : "01a5a209-b94c-450b-b7f9-946497d91055" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0259baeb-9f63-4c69-bf10-eb038c390688" ,
"type" : "detects"
} ,
{
"dest-uuid" : "03259939-0b57-482f-8eb5-87c0e0d54334" ,
"type" : "detects"
} ,
{
"dest-uuid" : "03d7999c-1f4c-42cc-8373-e7690d318104" ,
"type" : "detects"
} ,
{
"dest-uuid" : "045d0922-2310-4e60-b5e4-3302302cb3c5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "09b130a2-a77e-4af0-a361-f46f9aad1345" ,
"type" : "detects"
} ,
{
"dest-uuid" : "09cd431f-eaf4-4d2a-acaf-2a7acfe7ed58" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0af0ca99-357d-4ba1-805f-674fdfb7bef9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0c8ab3eb-df48-4b9c-ace7-beacaac81cc5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0cf55441-b176-4332-89e7-2c4c7799d0ff" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0f2c410d-d740-4ed9-abb1-b8f4a7faf6c3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0f4a0c76-ab2d-4cb0-85d3-3f0efb8cba0d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1035cdf2-3e5f-446f-a7a7-e8f6d7925967" ,
"type" : "detects"
} ,
{
"dest-uuid" : "106c0cf6-bf73-4601-9aa8-0945c2715ec5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "10ff21b9-5a01-4268-a1b5-3b55015f1847" ,
"type" : "detects"
} ,
{
"dest-uuid" : "120d5519-3098-4e1c-9191-2aa61232f073" ,
"type" : "detects"
} ,
{
"dest-uuid" : "132d5b37-aac5-4378-a8dc-3127b18a73dc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1365fe3b-0f50-455d-b4da-266ce31c23b0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "15dbf668-795c-41e6-8219-f0447c0e64ce" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1608f3e1-598a-42f4-a01a-2e252e81728f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1644e709-12d2-41e5-a60f-3470991f5011" ,
"type" : "detects"
} ,
{
"dest-uuid" : "16e94db9-b5b1-4cd0-b851-f38fbd0a70f2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "17cc750b-e95b-4d7d-9dde-49e0de24148c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1988cc35-ced8-4dad-b2d1-7628488fa967" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1a80d097-54df-41d8-9d33-34e755ec5e72" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1b20efbf-8063-4fc3-a07d-b575318a301b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1b7ba276-eedc-4951-a762-0ceea2c030ec" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1bae753e-8e52-4055-a66d-2ead90303ca9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1c34f7aa-9341-4a48-bfab-af22e51aca6c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1e9eb839-294b-48cc-b0d3-c45555a2a004" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1eaebf46-e361-4437-bc23-d5d65a3b92e3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1ecb2399-e8ba-4f6b-8ba7-5c27d49405cf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1ecfdab8-7d59-4c98-95d4-dc41970f57fc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "208884f1-7b83-4473-ac22-4e1cf6c41471" ,
"type" : "detects"
} ,
{
"dest-uuid" : "20fb2507-d71c-455d-9b6d-6104461cf26b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "215d9700-5881-48b8-8265-6449dbb7195d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "21875073-b0ee-49e3-9077-1e2a885359af" ,
"type" : "detects"
} ,
{
"dest-uuid" : "22522668-ddf6-470b-a027-9d6866679f67" ,
"type" : "detects"
} ,
{
"dest-uuid" : "22905430-4901-4c2a-84f6-98243cb173f8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "24769ab5-14bd-4f4e-a752-cfb185da53ee" ,
"type" : "detects"
} ,
{
"dest-uuid" : "25659dd6-ea12-45c4-97e6-381e3e4b593e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "28170e17-8384-415c-8486-2e6b294cb803" ,
"type" : "detects"
} ,
{
"dest-uuid" : "28abec6c-4443-4b03-8206-07f2e264a6b4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2959d63f-73fd-46a1-abd2-109d7dcede32" ,
"type" : "detects"
} ,
{
"dest-uuid" : "29be378d-262d-4e99-b00d-852d573628e6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "29f1f56c-7b7a-4c14-9e39-59577ea2743c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2acf44aa-542f-4366-b4eb-55ef5747759c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2aed01ad-3df3-4410-a8cb-11ea4ded587c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2bce5b30-7014-4a5d-ade7-12913fe6ac36" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2c4d4e92-0ccf-4a97-b54c-86d662988a53" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2cd950a6-16c4-404a-aa01-044322395107" ,
"type" : "detects"
} ,
{
"dest-uuid" : "30208d3e-0d6b-43c8-883e-44462a514619" ,
"type" : "detects"
} ,
{
"dest-uuid" : "30973a08-aed9-4edf-8604-9084ce1b5c4f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3120b9fa-23b8-4500-ae73-09494f607b7d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "315f51f0-6b03-4c1e-bfb2-84740afb8e21" ,
"type" : "detects"
} ,
{
"dest-uuid" : "31a0a2ac-c67c-4a7e-b9ed-6a96477d4e8e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "322bad5a-1c49-4d23-ab79-76d641794afa" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3257eb21-f9a7-4430-8de1-d8b6e288f529" ,
"type" : "detects"
} ,
{
"dest-uuid" : "341e222a-a6e3-4f6f-b69c-831d792b1580" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3489cfc5-640f-4bb3-a103-9137b97de79f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "348f1eef-964b-4eb6-bb53-69b3dcb0c643" ,
"type" : "detects"
} ,
{
"dest-uuid" : "34e793de-0274-4982-9c1a-246ed1c19dee" ,
"type" : "detects"
} ,
{
"dest-uuid" : "34f1d81d-fe88-4f97-bd3b-a3164536255d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "354a7f88-63fb-41b5-a801-ce3b377b36f1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "359b00ad-9425-420b-bba5-6de8d600cbc0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "35dd844a-b219-4e2b-a6bb-efa9a75995a9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "365be77f-fc0e-42ee-bac8-4faf806d9336" ,
"type" : "detects"
} ,
{
"dest-uuid" : "379809f6-2fac-42c1-bd2e-e9dee70b27f8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "37b11151-1776-4f8f-b328-30939fbf2ceb" ,
"type" : "detects"
} ,
{
"dest-uuid" : "389735f1-f21c-4208-b8f0-f8031e7169b8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3975dbb5-0e1e-4f5b-bae1-cf2ab84b46dc" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "3a32740a-11b0-4bcf-b0a9-3abd0f6d3cd5" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "3aef9463-9a7a-43ba-8957-a867e07c1e6a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3b0e52ce-517a-4614-a523-1bd5deef6c5e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3c4a2599-71ee-4405-ba1e-0e28414b4bc5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3d1b9d7e-3921-4d25-845a-7d9f15c0da44" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3d333250-30e4-4a82-9edc-756c68afc529" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3fc01293-ef5e-41c6-86ce-61f10706b64a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3fc9b85a-2862-4363-a64d-d692e3ffbee0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "40597f16-0963-4249-bf4c-ac93b7fb9807" ,
"type" : "detects"
} ,
{
"dest-uuid" : "42e8de7b-37b2-4258-905a-6897815e58e0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "42fe883a-21ea-4cfb-b94a-78b6476dcc83" ,
"type" : "detects"
} ,
{
"dest-uuid" : "435dfb86-2697-4867-85b5-2fef496c0517" ,
"type" : "detects"
} ,
{
"dest-uuid" : "438c967d-3996-4870-bfc2-3954752a1927" ,
"type" : "detects"
} ,
{
"dest-uuid" : "43ba2b05-cf72-4b6c-8243-03a4aba41ee0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "43f2776f-b4bd-4118-94b8-fee47e69676d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "457c7820-d331-465a-915e-42f85500ccc4" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "47f2d673-ca62-47e9-929b-1b0be9657611" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "494ab9f0-36e0-4b06-b10d-57285b040a06" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4a2975db-414e-4c0c-bd92-775987514b4b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4ae4f953-fe58-4cc8-a327-33257e30a830" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4bc31b94-045b-4752-8920-aebaebdb6470" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4bed873f-0b7d-41d4-b93a-b6905d1f90b0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4cbc6a62-9e34-4f94-8a19-5c1a11392a49" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4d2a5b3e-340d-4600-9123-309dd63c9bf8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4eb28bed-d11a-4641-9863-c2ac017d910a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4f9ca633-15c5-463c-9724-bdcd54fde541" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4ff5d6a8-c062-4c68-a778-36fc5edd564f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5095a853-299c-4876-abd7-ac0050fb5462" ,
"type" : "detects"
} ,
{
"dest-uuid" : "51ea26b1-ff1e-4faa-b1a0-1114cd298c87" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5372c5fe-f424-4def-bcd5-d3a8e770f07b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "53ac20cd-aca3-406e-9aa0-9fc7fdc60a5a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "54a649ff-439a-41a4-9856-8d144a2551ba" ,
"type" : "detects"
} ,
{
"dest-uuid" : "55bb4471-ff1f-43b4-88c1-c9384ec47abf" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "561ae9aa-c28a-4144-9eec-e7027a14c8c3" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "562e9b64-7239-493d-80f4-2bff900d9054" ,
"type" : "detects"
} ,
{
"dest-uuid" : "565275d5-fcc3-4b66-b4e7-928e4cac6b8c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "57340c81-c025-4189-8fa0-fc7ede51bae4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "573ad264-1371-4ae0-8482-d2673b719dba" ,
"type" : "detects"
} ,
{
"dest-uuid" : "58a3e6aa-4453-4cc8-a51f-4befe80b31a8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5b0ad6f8-6a16-4966-a4ef-d09ea6e2a9f5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5d2be8b9-d24c-4e98-83bf-2f5f79477163" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5e4a2073-9643-44cb-a0b5-e7f4048446c7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "60b508a1-6a5e-46b1-821a-9f7b78752abf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "60d0c01d-e2bf-49dd-a453-f8a9c9fa6f65" ,
"type" : "detects"
} ,
{
"dest-uuid" : "613d08bc-e8f4-4791-80b0-c8b974340dfd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "61afc315-860c-4364-825d-0d62b2e91edc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "63220765-d418-44de-8fae-694b3912317d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "633a100c-b2c9-41bf-9be5-905c1b16c825" ,
"type" : "detects"
} ,
{
"dest-uuid" : "635cbe30-392d-4e27-978e-66774357c762" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6495ae23-3ab4-43c5-a94f-5638a2c31fd2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "65917ae0-b854-4139-83fe-bf2441cf0196" ,
"type" : "detects"
} ,
{
"dest-uuid" : "65f2d882-3f41-4d48-8a06-29af77ec9f90" ,
"type" : "detects"
} ,
{
"dest-uuid" : "67720091-eee3-4d2d-ae16-8264567f6f5b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "677569f9-a8b0-459e-ab24-7f18091fa7bf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6831414d-bb70-42b7-8030-d4e06b2660c9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6836813e-8ec8-4375-b459-abb388cb1a35" ,
"type" : "detects"
} ,
{
"dest-uuid" : "685f917a-e95e-4ba0-ade1-c7d354dae6e0" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "693cdbff-ea73-49c6-ac3f-91e7285c31d1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6add2ab5-2711-4e9d-87c8-7a0be8531530" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6b57dc31-b814-4a03-8706-28bc20d739c4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6d4a7fb3-5a24-42be-ae61-6728a2b581f6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6e3bd510-6b33-41a4-af80-2d80f3ee0071" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6faf650d-bf31-4eb4-802d-1000cf38efaf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "707399d6-ab3e-4963-9315-d9d3818cd6a0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "70e52b04-2a0c-4cea-9d18-7149f1df9dc5" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "718cb208-6446-4572-a2f0-9c799c60091e" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "72b74d71-8169-42aa-92e0-e7b04b9f5a08" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7385dfaf-6886-4229-9ecd-6fd678040830" ,
"type" : "detects"
} ,
{
"dest-uuid" : "74d2a63f-3c7b-4852-92da-02d8fbab16da" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7610cada-1499-41a4-b3dd-46467b68d177" ,
"type" : "detects"
} ,
{
"dest-uuid" : "767dbf9e-df3f-45cb-8998-4903ab5f80c0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "774a3188-6ba9-4dc4-879d-d54ee48a5ce9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "799ace7f-e227-4411-baa0-8868704f2a69" ,
"type" : "detects"
} ,
{
"dest-uuid" : "79a4052e-1a89-4b09-aea6-51f1d11fe19c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "79a47ad0-fc3b-4821-9f01-a026b1ddba21" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7b50a1d3-4ca7-45d1-989d-a6503f04bfe1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7bc57495-ea59-4380-be31-a64af124ef18" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7bdca9d5-d500-4d7d-8c52-5fd47baf4c0c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7d20fff9-8751-404e-badd-ccd71bda0236" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7d57b371-10c2-45e5-b3cc-83a8fb380e4c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7d77a07d-02fe-4e88-8bd9-e9c008c01bf0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7dd95ff6-712e-4056-9626-312ea4ab4c5e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7de1f7ac-5d0c-4c9c-8873-627202205331" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7e150503-88e7-4861-866b-ff1ac82c4475" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7f0ca133-88c4-40c6-a62f-b3083a7fbc2e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "808e6329-ca91-4b87-ac2d-8eadc5f8f327" ,
"type" : "detects"
} ,
{
"dest-uuid" : "810aa4ad-61c9-49cb-993f-daa06199421d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "818302b2-d640-477b-bf88-873120ce85c4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8187bd2a-866f-4457-9009-86b0ddedffa3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "824add00-99a1-4b15-9a2d-6c5683b7b497" ,
"type" : "detects"
} ,
{
"dest-uuid" : "82caa33e-d11a-433a-94ea-9b5a5fbef81d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "837f9164-50af-4ac0-8219-379d8a74cefc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "840a987a-99bd-4a80-a5c9-0cb2baa6cade" ,
"type" : "detects"
} ,
{
"dest-uuid" : "853c4192-4311-43e1-bfbb-b11b14911852" ,
"type" : "detects"
} ,
{
"dest-uuid" : "866d0d6d-02c6-42bd-aa2f-02907fdc0969" ,
"type" : "detects"
} ,
{
"dest-uuid" : "86850eff-2729-40c3-b85e-c4af26da4a2d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "86a96bf6-cf8b-411c-aaeb-8959944d64f7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8c32eb4d-805f-4fc5-bf60-c4d476c131b5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8c4aef43-48d5-49aa-b2af-c0cd58d30c3d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8cdeb020-e31e-4f88-a582-f53dcfbda819" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8d7bd4f5-3a89-4453-9c82-2c8894d5655e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8e350c1d-ac79-4b5c-bd4e-7476d7e84ec5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8f104855-e5b7-4077-b1f5-bc3103b41abe" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8f4a33ec-8b1f-4b80-a2f6-642b2e479580" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8f504411-cb96-4dac-a537-8d2bb7679c59" ,
"type" : "detects"
} ,
{
"dest-uuid" : "910906dd-8c0a-475a-9cc1-5e029e2fad58" ,
"type" : "detects"
} ,
{
"dest-uuid" : "91541e7e-b969-40c6-bbd8-1b5352ec2938" ,
"type" : "detects"
} ,
{
"dest-uuid" : "92d7da27-2d91-488e-a00c-059dc162766d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "970a3432-3237-47ad-bcca-7d8cbb217736" ,
"type" : "detects"
} ,
{
"dest-uuid" : "98034fef-d9fb-4667-8dc4-2eab6231724c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9c45eaa3-8604-4780-8988-b5074dbb9ecd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9ef14445-6f35-4ed0-a042-5024f13a9242" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9efb1ea7-c37b-4595-9640-b7680cd84279" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a01bf75f-00b2-4568-a58f-565ff9bf202b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a10641f4-87b4-45a3-a906-92a149cb2c27" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a19e86f8-1c0a-4fea-8407-23b73d615776" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a1b52199-c8c5-438a-9ded-656f1d0888c6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a2029942-0a85-4947-b23c-ca434698171d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a3e1e6c5-9c74-4fc0-a16c-a9d228c17829" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a542bac9-7bc1-4da7-9a09-96f69e23cc21" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a6937325-9321-4e2e-bb2b-3ed2d40b2a9d" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "a718a0c8-5768-41a1-9958-a1cc3f995e99" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "a750a9f6-0bde-4bb3-9aae-1e2786e9780c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a93494bb-4b80-4ea1-8695-3236a49916fd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a9d4b653-6915-42af-98b2-5758c4ceee56" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a9e2cea0-c805-4bf8-9e31-f5f0513a3634" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ac08589e-ee59-4935-8667-d845e38fe579" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ae676644-d2d2-41b7-af7e-9bed1b55898c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "aedfca76-3b30-4866-b2aa-0f1d7fd1e4b6" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "afddee82-3385-4682-ad90-eeced33f2d07" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "b0c74ef9-c61e-4986-88cb-78da98a355ec" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "b0e54bf7-835e-4f44-bd8e-62f431b9b76a" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "b22e5153-ac28-4cc6-865c-2054e36285cb" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b3d682b6-98f2-4fb0-aa3b-b4df007ca70a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b4694861-542c-48ea-9eb1-10d356e7140a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b46a801b-fd98-491c-a25a-bca25d6e3001" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b5327dd1-6bf9-4785-a199-25bcbd1f4a9d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b6075259-dba3-44e9-87c7-e954f37ec0d5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b6301b64-ef57-4cce-bb0b-77026f14a8db" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b63a34e8-0a61-4c97-a23b-bf8a2ed812e2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b80d107d-fa0d-4b60-9684-b0433e8bdba0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b83e166d-13d7-4b52-8677-dff90c548fd7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b8cfed42-6a8a-4989-ad72-541af74475ec" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b97f1d35-4249-4486-a6b5-ee60ccf24fab" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bc0f5e80-91c0-4e04-9fbb-e4e332c85dae" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bd5b58a4-a52d-4a29-bc0d-3f1d3968eb6b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bf147104-abf9-4221-95d1-e81585859441" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bf1b6176-597c-4600-bfcd-ac989670f96b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bf90d72c-c00b-45e3-b3aa-68560560d4c5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c0dfe7b0-b873-4618-9ff8-53e31f70907f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c1b68a96-3c48-49ea-a6c0-9b27359f9c19" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c32f7008-9fea-41f7-8366-5eb9b74bd896" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c48a67ee-b657-45c1-91bf-6cdbe27205f8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c615231b-f253-4f58-9d47-d5b4cbdb6839" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c63a348e-ffc2-486a-b9d9-d7f11ec54d99" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c726e0a2-a57a-4b7b-a973-d0f013246617" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c877e33f-1df6-40d6-b1e7-ce70f16f4979" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c8e87b83-edbb-48d4-9295-4974897525b7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c92e3d68-2349-49e4-a341-7edca2deff96" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cba37adb-d6fb-4610-b069-dd04c0643384" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cbb66055-0325-4111-aca0-40547b6ad5b0" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "cc279e50-df85-4c8e-be80-6dc2eda8849c" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "cc3502b5-30cc-4473-ad48-42d51a6ef6d1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cc89ecbd-3d33-4a41-bcca-001e702d18fd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cd25c1b4-935c-4f0e-ba8d-552f28bc4783" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ce4b7013-640e-48a9-b501-d0025a95f4bf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d0b4fcdb-d67d-4ed2-99ce-788b12f8c0f4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d10cbd34-42e3-45c0-84d2-535a09849584" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d157f9d2-d09a-4efa-bb2a-64963f94e253" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d1fcf083-a721-4223-aedf-bf8960798d62" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d2c4e5ea-dbdf-4113-805a-b1e2a337fb33" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d336b553-5da9-46ca-98a8-0b23f49fb447" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d45a3d09-b3cf-48f4-9f0f-f521ee5cb05c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d50955c2-272d-4ac8-95da-10c29dda1c48" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d511a6f6-4a33-41d5-bc95-c343875d1377" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d63a3fb8-9452-4e9d-a60a-54be68d5998c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d94b3ae9-8059-4989-8e9f-ea0f601f80a7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "da051493-ae9c-4b1b-9760-c009c46c9b56" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dca670cf-eeec-438f-8185-fd959d9ef211" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dcaa092b-7de9-4a21-977f-7fcb77e89c48" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dfd7cc1d-e1d8-4394-a198-97c4cab8aa67" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dfefe2ed-4389-4318-8762-f0272b350a1b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e0033c16-a07e-48aa-8204-7c3ca669998c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e01be9c5-e763-4caf-aeb7-000b416aef67" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e0232cb0-ded5-4c2e-9dc7-2893142a5c11" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e358d692-23c0-4a31-9eb6-ecc13a8d7735" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e3a12395-188d-4051-9a16-ea8e14d07b88" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e3b6daca-e963-4a69-aee6-ed4fd653ad58" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e4dc8c01-417f-458d-9ee0-bb0617c1b391" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e5cc9e7a-e61a-46a1-b869-55fb6eab058e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e6415f09-df0e-48de-9aba-928c902b7549" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e6919abc-99f9-4c6c-95a5-14761e7b2add" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "e6f19759-dde3-47fc-99cc-d9f5fa4ade60" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e8a0a025-3601-4755-abfb-8d08283329fb" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "ea071aa0-8f17-416f-ab0d-2bab7e79003d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "eb125d40-0b2d-41ac-a71a-3229241c2cd3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ebb42bbe-62d7-47d7-a55f-3b08b61d792d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ec8fc7e2-b356-455c-8db5-2e37be158e7d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ed7efd4d-ce28-4a19-a8e6-c58011eb2c7a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "edf91964-b26e-4b4a-9600-ccacd7d7df24" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f1951e8a-500e-4a26-8803-76d95c4554b4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f244b8dd-af6c-4391-a497-fc03627ce995" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f2857333-11d4-45bf-b064-2c28d8525be5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f3c544dc-673c-4ef3-accb-53229f1ae077" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f3d95a1f-bba2-44ce-9af7-37866cd63fd0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f5d8eed6-48a9-4cdf-a3d7-d1ffa99c3d2a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f63fe421-b1d1-45c0-b8a7-02cd16ff2bed" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f6fe9070-7a65-49ea-ae72-76292f42cebe" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f8ef3a62-3f44-40a4-abca-761ab235c436" ,
"type" : "detects"
} ,
{
"dest-uuid" : "fb640c43-aa6b-431e-a961-a279010424ac" ,
"type" : "detects"
} ,
{
"dest-uuid" : "fb8d023d-45be-47e9-bc51-f56bcae6435b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ff25900d-76d5-449b-a351-8824e62fc81b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ff73aa03-0090-4464-83ac-f89e233c02bc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ffbcfdb0-de22-4106-9ed3-fc23c8a01407" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ffeb0780-356e-4261-b036-cfb6bd234335" ,
"type" : "detects"
}
] ,
"uuid" : "685f917a-e95e-4ba0-ade1-c7d354dae6e0" ,
"value" : "Command Execution"
} ,
{
"description" : "Initial construction of a new file (ex: Sysmon EID 11)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "005a06c6-14bf-4118-afa0-ebcd8aebb0c9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "00f90846-cbd1-4fc5-9233-df5c2bf2a662" ,
"type" : "detects"
} ,
{
"dest-uuid" : "03259939-0b57-482f-8eb5-87c0e0d54334" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0533ab23-3f7d-463f-9bd8-634d27e4dee1" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "09b008a9-b4eb-462a-a751-a0eb58050cd9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "0c2d00da-7742-49e7-9928-4514e5075d32" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0c8ab3eb-df48-4b9c-ace7-beacaac81cc5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0cfe31a7-81fc-472c-bc45-e2808d1066a3" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "0d91b3c0-5e50-47c3-949a-2a796f04d144" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "0f2c410d-d740-4ed9-abb1-b8f4a7faf6c3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "106c0cf6-bf73-4601-9aa8-0945c2715ec5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1126cab1-c700-412f-a510-61f4937bb096" ,
"type" : "detects"
} ,
{
"dest-uuid" : "11f29a39-0942-4d62-92b6-fe236cf3066e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "143c0cbb-a297-4142-9624-87ffc778980b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1644e709-12d2-41e5-a60f-3470991f5011" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1c34f7aa-9341-4a48-bfab-af22e51aca6c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1cfcb312-b8d7-47a4-b560-4b16cc677292" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1ecb2399-e8ba-4f6b-8ba7-5c27d49405cf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "22905430-4901-4c2a-84f6-98243cb173f8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "232b7f21-adf9-4b42-b936-b9d6f7df856e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "246fd3c7-f5e3-466d-8787-4c13d9e3b61c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2b3bfe19-d59a-460d-93bb-2f546adc2d2c" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "2c4d4e92-0ccf-4a97-b54c-86d662988a53" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2de47683-f398-448f-b947-9abcc3e32fad" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2e34237d-8574-43f6-aace-ae2915de8597" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2fee9321-3e71-4cf4-af24-d4d40d355b34" ,
"type" : "detects"
} ,
{
"dest-uuid" : "32ad5c86-2bcf-47d8-8fdc-d7f3d79a7490" ,
"type" : "detects"
} ,
{
"dest-uuid" : "34f1d81d-fe88-4f97-bd3b-a3164536255d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "35187df2-31ed-43b6-a1f5-2f1d3d58d3f1" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "356662f7-e315-4759-86c9-6214e2a50ff8" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "359b00ad-9425-420b-bba5-6de8d600cbc0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "35dd844a-b219-4e2b-a6bb-efa9a75995a9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3731fbcd-0e43-47ae-ae6c-d15e510f0d42" ,
"type" : "detects"
} ,
{
"dest-uuid" : "389735f1-f21c-4208-b8f0-f8031e7169b8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3b744087-9945-4a6f-91e8-9dbceda417a4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "41868330-6ee2-4d0f-b743-9f2294c3c9b6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "43881e51-ac74-445b-b4c6-f9f9e9bf23fe" ,
"type" : "detects"
} ,
{
"dest-uuid" : "43ba2b05-cf72-4b6c-8243-03a4aba41ee0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "43c9bc06-715b-42db-972f-52d25c09a20c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "457c7820-d331-465a-915e-42f85500ccc4" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "49fca0d2-685d-41eb-8bd4-05451cc3a742" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "4ab929c6-ee2d-4fb5-aab4-b14be2ed7179" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4ff5d6a8-c062-4c68-a778-36fc5edd564f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "53ac20cd-aca3-406e-9aa0-9fc7fdc60a5a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "573ad264-1371-4ae0-8482-d2673b719dba" ,
"type" : "detects"
} ,
{
"dest-uuid" : "58af3705-8740-4c68-9329-ec015a7013c2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5909f20f-3c39-4795-be06-ef1ea40d350b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5d0d3609-d06d-49e1-b9c9-b544e0c618cb" ,
"type" : "detects"
} ,
{
"dest-uuid" : "63220765-d418-44de-8fae-694b3912317d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "633a100c-b2c9-41bf-9be5-905c1b16c825" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "65f2d882-3f41-4d48-8a06-29af77ec9f90" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "70d81154-b187-45f9-8ec5-295d01255979" ,
"type" : "detects"
} ,
{
"dest-uuid" : "70e52b04-2a0c-4cea-9d18-7149f1df9dc5" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "718cb208-6446-4572-a2f0-9c799c60091e" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "79a47ad0-fc3b-4821-9f01-a026b1ddba21" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7dd95ff6-712e-4056-9626-312ea4ab4c5e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7e7c2fba-7cca-486c-9582-4c1bb2851961" ,
"type" : "detects"
} ,
{
"dest-uuid" : "840a987a-99bd-4a80-a5c9-0cb2baa6cade" ,
"type" : "detects"
} ,
{
"dest-uuid" : "84601337-6a55-4ad7-9c35-79e0d1ea2ab3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "887274fc-2d63-4bdc-82f3-fae56d1d5fdc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8c32eb4d-805f-4fc5-bf60-c4d476c131b5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8c41090b-aa47-4331-986b-8c9a51a91103" ,
"type" : "detects"
} ,
{
"dest-uuid" : "90c4a591-d02d-490b-92aa-619d9701ac04" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "910906dd-8c0a-475a-9cc1-5e029e2fad58" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "960c3c86-1480-4d72-b4e0-8c242e84a5c5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9c45eaa3-8604-4780-8988-b5074dbb9ecd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9e8b28c9-35fe-48ac-a14d-e6cc032dcbcd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a1b52199-c8c5-438a-9ded-656f1d0888c6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a62a8db3-f23a-4d8f-afd6-9dbc77e7813b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a6937325-9321-4e2e-bb2b-3ed2d40b2a9d" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "a718a0c8-5768-41a1-9958-a1cc3f995e99" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "ac9e6b22-11bf-45d7-9181-c1cb08360931" ,
"type" : "detects"
} ,
{
"dest-uuid" : "aedfca76-3b30-4866-b2aa-0f1d7fd1e4b6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b22e5153-ac28-4cc6-865c-2054e36285cb" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b3d682b6-98f2-4fb0-aa3b-b4df007ca70a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b46a801b-fd98-491c-a25a-bca25d6e3001" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b5327dd1-6bf9-4785-a199-25bcbd1f4a9d" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "b577dfc1-0177-4522-8d5a-782127c8592b" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "b6301b64-ef57-4cce-bb0b-77026f14a8db" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b63a34e8-0a61-4c97-a23b-bf8a2ed812e2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b77cf5f3-6060-475d-bd60-40ccbf28fdc2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b80d107d-fa0d-4b60-9684-b0433e8bdba0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bf90d72c-c00b-45e3-b3aa-68560560d4c5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bf96a5a3-3bce-43b7-8597-88545984c07b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c0dfe7b0-b873-4618-9ff8-53e31f70907f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c63a348e-ffc2-486a-b9d9-d7f11ec54d99" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c726e0a2-a57a-4b7b-a973-d0f013246617" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cd25c1b4-935c-4f0e-ba8d-552f28bc4783" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ce4b7013-640e-48a9-b501-d0025a95f4bf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d10cbd34-42e3-45c0-84d2-535a09849584" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d456de47-a16f-4e46-8980-e67478a12dcb" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d4dc46e3-5ba5-45b9-8204-010867cacfcb" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d742a578-d70e-4d0e-96a6-02a9c30204e6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "da051493-ae9c-4b1b-9760-c009c46c9b56" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dca670cf-eeec-438f-8185-fd959d9ef211" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dfefe2ed-4389-4318-8762-f0272b350a1b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e0232cb0-ded5-4c2e-9dc7-2893142a5c11" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e64c62cf-9cd7-4a14-94ec-cdaac43ab44b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e6919abc-99f9-4c6c-95a5-14761e7b2add" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ec8fc7e2-b356-455c-8db5-2e37be158e7d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ed7efd4d-ce28-4a19-a8e6-c58011eb2c7a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ef67e13e-5598-4adc-bdb2-998225874fa9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f0589bc3-a6ae-425a-a3d5-5659bfee07f4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f4c1826f-a322-41cd-9557-562100848c84" ,
"type" : "detects"
} ,
{
"dest-uuid" : "fc742192-19e3-466c-9eb5-964a97b29490" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ffbcfdb0-de22-4106-9ed3-fc23c8a01407" ,
"type" : "detects"
}
] ,
"uuid" : "2b3bfe19-d59a-460d-93bb-2f546adc2d2c" ,
"value" : "File Creation"
} ,
{
"description" : "Initial construction of a WMI object, such as a filter, consumer, subscription, binding, or provider (ex: Sysmon EIDs 19-21)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "01a5a209-b94c-450b-b7f9-946497d91055" ,
"type" : "detects"
} ,
{
"dest-uuid" : "02c5abff-30bf-4703-ab92-1f6072fae939" ,
"type" : "detects"
} ,
{
"dest-uuid" : "05645013-2fed-4066-8bdc-626b2e201dd4" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "54a649ff-439a-41a4-9856-8d144a2551ba" ,
"type" : "detects"
} ,
{
"dest-uuid" : "910906dd-8c0a-475a-9cc1-5e029e2fad58" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b3d682b6-98f2-4fb0-aa3b-b4df007ca70a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b6301b64-ef57-4cce-bb0b-77026f14a8db" ,
"type" : "detects"
}
] ,
"uuid" : "05645013-2fed-4066-8bdc-626b2e201dd4" ,
"value" : "WMI Creation"
} ,
{
"description" : "Initial construction of a new instance (ex: instance.insert within GCP Audit Logs)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "144e007b-e638-431d-a894-45d90c54ab90" ,
"type" : "detects"
} ,
{
"dest-uuid" : "59bd0dec-f8b2-4b9a-9141-37a1e6899761" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8c32eb4d-805f-4fc5-bf60-c4d476c131b5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b0c74ef9-c61e-4986-88cb-78da98a355ec" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b5b0e8ae-7436-4951-950a-7b83c4dd3f2c" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "cf1c2504-433f-4c4e-a1f8-91de45a0318c" ,
"type" : "detects"
}
] ,
"uuid" : "b5b0e8ae-7436-4951-950a-7b83c4dd3f2c" ,
"value" : "Instance Creation"
} ,
{
"description" : "Initial construction of a virtual machine image (ex: Azure Compute Service Images PUT)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "4fd8a28b-4b3a-4cd6-a8cf-85ba5f824a7f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "800f9819-7007-4540-a520-40e655876800" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8c32eb4d-805f-4fc5-bf60-c4d476c131b5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b008766d-f34f-4ded-b712-659f59aaed6e" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "b0c74ef9-c61e-4986-88cb-78da98a355ec" ,
"type" : "detects"
}
] ,
"uuid" : "b008766d-f34f-4ded-b712-659f59aaed6e" ,
"value" : "Image Creation"
} ,
{
"description" : "Contextual data about a container and activity around it such as name, ID, image, or status" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "df508a43-65f5-453f-8b8f-4b5d64e60a21" ,
"type" : "included-in"
}
] ,
"uuid" : "df508a43-65f5-453f-8b8f-4b5d64e60a21" ,
"value" : "Container Metadata"
} ,
{
"description" : "Contextual data about a cluster and activity around it such as name, namespace, age, or status" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "fafaa705-ec08-4405-ac62-288c252e520d" ,
"type" : "included-in"
}
] ,
"uuid" : "fafaa705-ec08-4405-ac62-288c252e520d" ,
"value" : "Cluster Metadata"
} ,
{
"description" : "Code, strings, and other signatures that compromise a malicious payload" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "167b48f7-76e9-4fcb-9e8d-7121f7bf56c3" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "212306d8-efa4-44c9-8c2d-ed3d2e224aa0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7807d3a4-a885-4639-a786-c1ed41484970" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ce0687a0-e692-4b77-964a-0784a8e54ff1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "edadea33-549c-4ed1-9783-8f5a5853cbdf" ,
"type" : "detects"
}
] ,
"uuid" : "167b48f7-76e9-4fcb-9e8d-7121f7bf56c3" ,
"value" : "Malware Content"
} ,
{
"description" : "Network requests made by an application or domains contacted" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "22379609-a99f-4a01-bd7e-70f3e105859d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "28fdd23d-aee3-4afe-bc3f-5f1f52929258" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2bb20118-e6c0-41dc-a07c-283ea4dd0fb8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2ccc3d39-9598-4d32-9657-42e1c7095d26" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5abfc5e6-3c56-49e7-ad72-502d01acf28b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6c49d50f-494d-4150-b774-a655022d20a6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "764ee29e-48d6-4934-8e6b-7a606aaaafc0" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "939808a7-121d-467a-b028-4441ee8b7cee" ,
"type" : "detects"
} ,
{
"dest-uuid" : "948a447c-d783-4ba0-8516-a64140fcacd5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "986f80f7-ff0e-4f48-87bd-0394814bbce5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c6a146ae-9c63-4606-97ff-e261e76e8380" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d916f176-a1ca-4a78-9fdd-4058bc28162e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "fd211238-f767-4599-8c0d-9dca36624626" ,
"type" : "detects"
}
] ,
"uuid" : "764ee29e-48d6-4934-8e6b-7a606aaaafc0" ,
"value" : "Network Communication"
} ,
{
"description" : "Device configuration options that are not typically utilized by benign applications" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "08e22979-d320-48ed-8711-e7bf94aabb13" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6c62144a-cd5c-401c-ada9-58c4c74cd9d2" ,
"type" : "included-in"
}
] ,
"uuid" : "6c62144a-cd5c-401c-ada9-58c4c74cd9d2" ,
"value" : "Protected Configuration"
} ,
{
"description" : "The initial construction of an executable managed by the OS, that may involve one or more tasks or threads. (e.g. Win EID 4688, Sysmon EID 1, cmd.exe > net use, etc.)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "005a06c6-14bf-4118-afa0-ebcd8aebb0c9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "005cc321-08ce-4d17-b1ea-cb5275926520" ,
"type" : "detects"
} ,
{
"dest-uuid" : "00f90846-cbd1-4fc5-9233-df5c2bf2a662" ,
"type" : "detects"
} ,
{
"dest-uuid" : "01327cde-66c4-4123-bf34-5f258d59457b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "01a5a209-b94c-450b-b7f9-946497d91055" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "02c5abff-30bf-4703-ab92-1f6072fae939" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "03259939-0b57-482f-8eb5-87c0e0d54334" ,
"type" : "detects"
} ,
{
"dest-uuid" : "03d7999c-1f4c-42cc-8373-e7690d318104" ,
"type" : "detects"
} ,
{
"dest-uuid" : "045d0922-2310-4e60-b5e4-3302302cb3c5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "09b130a2-a77e-4af0-a361-f46f9aad1345" ,
"type" : "detects"
} ,
{
"dest-uuid" : "09cd431f-eaf4-4d2a-acaf-2a7acfe7ed58" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0af0ca99-357d-4ba1-805f-674fdfb7bef9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0c2d00da-7742-49e7-9928-4514e5075d32" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0f2c410d-d740-4ed9-abb1-b8f4a7faf6c3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0f4a0c76-ab2d-4cb0-85d3-3f0efb8cba0d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "106c0cf6-bf73-4601-9aa8-0945c2715ec5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "10ff21b9-5a01-4268-a1b5-3b55015f1847" ,
"type" : "detects"
} ,
{
"dest-uuid" : "120d5519-3098-4e1c-9191-2aa61232f073" ,
"type" : "detects"
} ,
{
"dest-uuid" : "132d5b37-aac5-4378-a8dc-3127b18a73dc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1365fe3b-0f50-455d-b4da-266ce31c23b0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "15dbf668-795c-41e6-8219-f0447c0e64ce" ,
"type" : "detects"
} ,
{
"dest-uuid" : "16e94db9-b5b1-4cd0-b851-f38fbd0a70f2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "17cc750b-e95b-4d7d-9dde-49e0de24148c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1988cc35-ced8-4dad-b2d1-7628488fa967" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1b20efbf-8063-4fc3-a07d-b575318a301b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1bae753e-8e52-4055-a66d-2ead90303ca9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1c4e5d32-1fe9-4116-9d9d-59e3925bd6a2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1eaebf46-e361-4437-bc23-d5d65a3b92e3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1ecb2399-e8ba-4f6b-8ba7-5c27d49405cf" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "1f9c2bae-b441-4f66-a8af-b65946ee72f2" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "20fb2507-d71c-455d-9b6d-6104461cf26b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "215d9700-5881-48b8-8265-6449dbb7195d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "21875073-b0ee-49e3-9077-1e2a885359af" ,
"type" : "detects"
} ,
{
"dest-uuid" : "22522668-ddf6-470b-a027-9d6866679f67" ,
"type" : "detects"
} ,
{
"dest-uuid" : "22905430-4901-4c2a-84f6-98243cb173f8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "232a7e42-cd6e-4902-8fe9-2960f529dd4d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "232b7f21-adf9-4b42-b936-b9d6f7df856e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "246fd3c7-f5e3-466d-8787-4c13d9e3b61c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "25659dd6-ea12-45c4-97e6-381e3e4b593e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "28170e17-8384-415c-8486-2e6b294cb803" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2959d63f-73fd-46a1-abd2-109d7dcede32" ,
"type" : "detects"
} ,
{
"dest-uuid" : "29be378d-262d-4e99-b00d-852d573628e6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "29f1f56c-7b7a-4c14-9e39-59577ea2743c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2acf44aa-542f-4366-b4eb-55ef5747759c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2aed01ad-3df3-4410-a8cb-11ea4ded587c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2c4d4e92-0ccf-4a97-b54c-86d662988a53" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2cd950a6-16c4-404a-aa01-044322395107" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2db31dcd-54da-405d-acef-b9129b816ed6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2f6b4ed7-fef1-44ba-bcb8-1b4beb610b64" ,
"type" : "detects"
} ,
{
"dest-uuid" : "31a0a2ac-c67c-4a7e-b9ed-6a96477d4e8e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "322bad5a-1c49-4d23-ab79-76d641794afa" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3257eb21-f9a7-4430-8de1-d8b6e288f529" ,
"type" : "detects"
} ,
{
"dest-uuid" : "341e222a-a6e3-4f6f-b69c-831d792b1580" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3489cfc5-640f-4bb3-a103-9137b97de79f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "348f1eef-964b-4eb6-bb53-69b3dcb0c643" ,
"type" : "detects"
} ,
{
"dest-uuid" : "34a80bc4-80f2-46e6-94ff-f3265a4b657c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "34e793de-0274-4982-9c1a-246ed1c19dee" ,
"type" : "detects"
} ,
{
"dest-uuid" : "34f1d81d-fe88-4f97-bd3b-a3164536255d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "354a7f88-63fb-41b5-a801-ce3b377b36f1" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "356662f7-e315-4759-86c9-6214e2a50ff8" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "35dd844a-b219-4e2b-a6bb-efa9a75995a9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "365be77f-fc0e-42ee-bac8-4faf806d9336" ,
"type" : "detects"
} ,
{
"dest-uuid" : "379809f6-2fac-42c1-bd2e-e9dee70b27f8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "37b11151-1776-4f8f-b328-30939fbf2ceb" ,
"type" : "detects"
} ,
{
"dest-uuid" : "389735f1-f21c-4208-b8f0-f8031e7169b8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3975dbb5-0e1e-4f5b-bae1-cf2ab84b46dc" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "3a32740a-11b0-4bcf-b0a9-3abd0f6d3cd5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3aef9463-9a7a-43ba-8957-a867e07c1e6a" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "3b0e52ce-517a-4614-a523-1bd5deef6c5e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3b744087-9945-4a6f-91e8-9dbceda417a4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3c4a2599-71ee-4405-ba1e-0e28414b4bc5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3ccef7ae-cb5e-48f6-8302-897105fbf55c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3d1b9d7e-3921-4d25-845a-7d9f15c0da44" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3d20385b-24ef-40e1-9f56-f39750379077" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "3d333250-30e4-4a82-9edc-756c68afc529" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3fc9b85a-2862-4363-a64d-d692e3ffbee0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4061e78c-1284-44b4-9116-73e4ac3912f7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "42e8de7b-37b2-4258-905a-6897815e58e0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "42fe883a-21ea-4cfb-b94a-78b6476dcc83" ,
"type" : "detects"
} ,
{
"dest-uuid" : "435dfb86-2697-4867-85b5-2fef496c0517" ,
"type" : "detects"
} ,
{
"dest-uuid" : "438c967d-3996-4870-bfc2-3954752a1927" ,
"type" : "detects"
} ,
{
"dest-uuid" : "43ba2b05-cf72-4b6c-8243-03a4aba41ee0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "43c9bc06-715b-42db-972f-52d25c09a20c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "451a9977-d255-43c9-b431-66de80130c8c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "457c7820-d331-465a-915e-42f85500ccc4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4a2975db-414e-4c0c-bd92-775987514b4b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4a5b7ade-8bb5-4853-84ed-23f262002665" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4ab929c6-ee2d-4fb5-aab4-b14be2ed7179" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4ae4f953-fe58-4cc8-a327-33257e30a830" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4bc31b94-045b-4752-8920-aebaebdb6470" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4bed873f-0b7d-41d4-b93a-b6905d1f90b0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4cbc6a62-9e34-4f94-8a19-5c1a11392a49" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4d2a5b3e-340d-4600-9123-309dd63c9bf8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4eb28bed-d11a-4641-9863-c2ac017d910a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4f9ca633-15c5-463c-9724-bdcd54fde541" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4ff5d6a8-c062-4c68-a778-36fc5edd564f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "53ac20cd-aca3-406e-9aa0-9fc7fdc60a5a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "54a649ff-439a-41a4-9856-8d144a2551ba" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "561ae9aa-c28a-4144-9eec-e7027a14c8c3" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "565275d5-fcc3-4b66-b4e7-928e4cac6b8c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "57340c81-c025-4189-8fa0-fc7ede51bae4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "573ad264-1371-4ae0-8482-d2673b719dba" ,
"type" : "detects"
} ,
{
"dest-uuid" : "58af3705-8740-4c68-9329-ec015a7013c2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5b0ad6f8-6a16-4966-a4ef-d09ea6e2a9f5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5d0d3609-d06d-49e1-b9c9-b544e0c618cb" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5e4a2073-9643-44cb-a0b5-e7f4048446c7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "60d0c01d-e2bf-49dd-a453-f8a9c9fa6f65" ,
"type" : "detects"
} ,
{
"dest-uuid" : "61afc315-860c-4364-825d-0d62b2e91edc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "63220765-d418-44de-8fae-694b3912317d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "633a100c-b2c9-41bf-9be5-905c1b16c825" ,
"type" : "detects"
} ,
{
"dest-uuid" : "635cbe30-392d-4e27-978e-66774357c762" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6495ae23-3ab4-43c5-a94f-5638a2c31fd2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "65917ae0-b854-4139-83fe-bf2441cf0196" ,
"type" : "detects"
} ,
{
"dest-uuid" : "65f2d882-3f41-4d48-8a06-29af77ec9f90" ,
"type" : "detects"
} ,
{
"dest-uuid" : "67720091-eee3-4d2d-ae16-8264567f6f5b" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "6836813e-8ec8-4375-b459-abb388cb1a35" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "68a0c5ed-bee2-4513-830d-5b0d650139bd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "693cdbff-ea73-49c6-ac3f-91e7285c31d1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6b57dc31-b814-4a03-8706-28bc20d739c4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6d4a7fb3-5a24-42be-ae61-6728a2b581f6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6e3bd510-6b33-41a4-af80-2d80f3ee0071" ,
"type" : "detects"
} ,
{
"dest-uuid" : "707399d6-ab3e-4963-9315-d9d3818cd6a0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "70d81154-b187-45f9-8ec5-295d01255979" ,
"type" : "detects"
} ,
{
"dest-uuid" : "70e52b04-2a0c-4cea-9d18-7149f1df9dc5" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "718cb208-6446-4572-a2f0-9c799c60091e" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "72b74d71-8169-42aa-92e0-e7b04b9f5a08" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7385dfaf-6886-4229-9ecd-6fd678040830" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "74d2a63f-3c7b-4852-92da-02d8fbab16da" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "7610cada-1499-41a4-b3dd-46467b68d177" ,
"type" : "detects"
} ,
{
"dest-uuid" : "767dbf9e-df3f-45cb-8998-4903ab5f80c0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "799ace7f-e227-4411-baa0-8868704f2a69" ,
"type" : "detects"
} ,
{
"dest-uuid" : "79a47ad0-fc3b-4821-9f01-a026b1ddba21" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7b50a1d3-4ca7-45d1-989d-a6503f04bfe1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7bc57495-ea59-4380-be31-a64af124ef18" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7d20fff9-8751-404e-badd-ccd71bda0236" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7d57b371-10c2-45e5-b3cc-83a8fb380e4c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7e150503-88e7-4861-866b-ff1ac82c4475" ,
"type" : "detects"
} ,
{
"dest-uuid" : "808e6329-ca91-4b87-ac2d-8eadc5f8f327" ,
"type" : "detects"
} ,
{
"dest-uuid" : "810aa4ad-61c9-49cb-993f-daa06199421d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "824add00-99a1-4b15-9a2d-6c5683b7b497" ,
"type" : "detects"
} ,
{
"dest-uuid" : "82caa33e-d11a-433a-94ea-9b5a5fbef81d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "837f9164-50af-4ac0-8219-379d8a74cefc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "840a987a-99bd-4a80-a5c9-0cb2baa6cade" ,
"type" : "detects"
} ,
{
"dest-uuid" : "84601337-6a55-4ad7-9c35-79e0d1ea2ab3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "853c4192-4311-43e1-bfbb-b11b14911852" ,
"type" : "detects"
} ,
{
"dest-uuid" : "866d0d6d-02c6-42bd-aa2f-02907fdc0969" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8c32eb4d-805f-4fc5-bf60-c4d476c131b5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8c4aef43-48d5-49aa-b2af-c0cd58d30c3d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8f4a33ec-8b1f-4b80-a2f6-642b2e479580" ,
"type" : "detects"
} ,
{
"dest-uuid" : "910906dd-8c0a-475a-9cc1-5e029e2fad58" ,
"type" : "detects"
} ,
{
"dest-uuid" : "91541e7e-b969-40c6-bbd8-1b5352ec2938" ,
"type" : "detects"
} ,
{
"dest-uuid" : "92a78814-b191-47ca-909c-1ccfe3777414" ,
"type" : "detects"
} ,
{
"dest-uuid" : "93591901-3172-4e94-abf8-6034ab26f44a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "970a3432-3237-47ad-bcca-7d8cbb217736" ,
"type" : "detects"
} ,
{
"dest-uuid" : "98034fef-d9fb-4667-8dc4-2eab6231724c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9c306d8d-cde7-4b4c-b6e8-d0bb16caca36" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9c45eaa3-8604-4780-8988-b5074dbb9ecd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9e8b28c9-35fe-48ac-a14d-e6cc032dcbcd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9efb1ea7-c37b-4595-9640-b7680cd84279" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a01bf75f-00b2-4568-a58f-565ff9bf202b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a10641f4-87b4-45a3-a906-92a149cb2c27" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a1b52199-c8c5-438a-9ded-656f1d0888c6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a2029942-0a85-4947-b23c-ca434698171d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a3e1e6c5-9c74-4fc0-a16c-a9d228c17829" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a542bac9-7bc1-4da7-9a09-96f69e23cc21" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a6937325-9321-4e2e-bb2b-3ed2d40b2a9d" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "a718a0c8-5768-41a1-9958-a1cc3f995e99" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "a750a9f6-0bde-4bb3-9aae-1e2786e9780c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a9d4b653-6915-42af-98b2-5758c4ceee56" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a9e2cea0-c805-4bf8-9e31-f5f0513a3634" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ac08589e-ee59-4935-8667-d845e38fe579" ,
"type" : "detects"
} ,
{
"dest-uuid" : "acd0ba37-7ba9-4cc5-ac61-796586cd856d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "aedfca76-3b30-4866-b2aa-0f1d7fd1e4b6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b200542e-e877-4395-875b-cf1a44537ca4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b21c3b2d-02e6-45b1-980b-e69051040839" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b22e5153-ac28-4cc6-865c-2054e36285cb" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b3d682b6-98f2-4fb0-aa3b-b4df007ca70a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b5327dd1-6bf9-4785-a199-25bcbd1f4a9d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b6075259-dba3-44e9-87c7-e954f37ec0d5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b6301b64-ef57-4cce-bb0b-77026f14a8db" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b63a34e8-0a61-4c97-a23b-bf8a2ed812e2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b80d107d-fa0d-4b60-9684-b0433e8bdba0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b83e166d-13d7-4b52-8677-dff90c548fd7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b84903f0-c7d5-435d-a69e-de47cc3578c0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b97f1d35-4249-4486-a6b5-ee60ccf24fab" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bb5a00de-e086-4859-a231-fa793f6797e2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bc0f5e80-91c0-4e04-9fbb-e4e332c85dae" ,
"type" : "detects"
} ,
{
"dest-uuid" : "be2dcee9-a7a7-4e38-afd6-21b31ecc3d63" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bef8aaee-961d-4359-a308-4c2182bcedff" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bf147104-abf9-4221-95d1-e81585859441" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bf90d72c-c00b-45e3-b3aa-68560560d4c5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bf96a5a3-3bce-43b7-8597-88545984c07b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c0dfe7b0-b873-4618-9ff8-53e31f70907f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c1b68a96-3c48-49ea-a6c0-9b27359f9c19" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c32f7008-9fea-41f7-8366-5eb9b74bd896" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c48a67ee-b657-45c1-91bf-6cdbe27205f8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c615231b-f253-4f58-9d47-d5b4cbdb6839" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c63a348e-ffc2-486a-b9d9-d7f11ec54d99" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c726e0a2-a57a-4b7b-a973-d0f013246617" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c877e33f-1df6-40d6-b1e7-ce70f16f4979" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c8e87b83-edbb-48d4-9295-4974897525b7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c92e3d68-2349-49e4-a341-7edca2deff96" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cba37adb-d6fb-4610-b069-dd04c0643384" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cbb66055-0325-4111-aca0-40547b6ad5b0" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "cc279e50-df85-4c8e-be80-6dc2eda8849c" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "cc3502b5-30cc-4473-ad48-42d51a6ef6d1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cc89ecbd-3d33-4a41-bcca-001e702d18fd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cd25c1b4-935c-4f0e-ba8d-552f28bc4783" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ce4b7013-640e-48a9-b501-d0025a95f4bf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d157f9d2-d09a-4efa-bb2a-64963f94e253" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d1fcf083-a721-4223-aedf-bf8960798d62" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d2c4e5ea-dbdf-4113-805a-b1e2a337fb33" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d336b553-5da9-46ca-98a8-0b23f49fb447" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d456de47-a16f-4e46-8980-e67478a12dcb" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d45a3d09-b3cf-48f4-9f0f-f521ee5cb05c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d742a578-d70e-4d0e-96a6-02a9c30204e6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d94b3ae9-8059-4989-8e9f-ea0f601f80a7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "da051493-ae9c-4b1b-9760-c009c46c9b56" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dc31fe1e-d722-49da-8f5f-92c7b5aff534" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dca670cf-eeec-438f-8185-fd959d9ef211" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dcaa092b-7de9-4a21-977f-7fcb77e89c48" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dfd7cc1d-e1d8-4394-a198-97c4cab8aa67" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dfefe2ed-4389-4318-8762-f0272b350a1b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e0033c16-a07e-48aa-8204-7c3ca669998c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e01be9c5-e763-4caf-aeb7-000b416aef67" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e0232cb0-ded5-4c2e-9dc7-2893142a5c11" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e358d692-23c0-4a31-9eb6-ecc13a8d7735" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e3b6daca-e963-4a69-aee6-ed4fd653ad58" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e4dc8c01-417f-458d-9ee0-bb0617c1b391" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e6415f09-df0e-48de-9aba-928c902b7549" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e64c62cf-9cd7-4a14-94ec-cdaac43ab44b" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "e6f19759-dde3-47fc-99cc-d9f5fa4ade60" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e8a0a025-3601-4755-abfb-8d08283329fb" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "eb062747-2193-45de-8fa2-e62549c37ddf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "eb125d40-0b2d-41ac-a71a-3229241c2cd3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ebbe170d-aa74-4946-8511-9921243415a3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ec8fc7e2-b356-455c-8db5-2e37be158e7d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ed7efd4d-ce28-4a19-a8e6-c58011eb2c7a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f1951e8a-500e-4a26-8803-76d95c4554b4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f244b8dd-af6c-4391-a497-fc03627ce995" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "f2857333-11d4-45bf-b064-2c28d8525be5" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "f3c544dc-673c-4ef3-accb-53229f1ae077" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f3d95a1f-bba2-44ce-9af7-37866cd63fd0" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "f4c3f644-ab33-433d-8648-75cc03a95792" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "f5d8eed6-48a9-4cdf-a3d7-d1ffa99c3d2a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f63fe421-b1d1-45c0-b8a7-02cd16ff2bed" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f6fe9070-7a65-49ea-ae72-76292f42cebe" ,
"type" : "detects"
} ,
{
"dest-uuid" : "fb640c43-aa6b-431e-a961-a279010424ac" ,
"type" : "detects"
} ,
{
"dest-uuid" : "fe926152-f431-4baf-956c-4ad3cb0bf23b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ff25900d-76d5-449b-a351-8824e62fc81b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ff73aa03-0090-4464-83ac-f89e233c02bc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ffbcfdb0-de22-4106-9ed3-fc23c8a01407" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ffe59ad3-ad9b-4b9f-b74f-5beb3c309dc1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ffeb0780-356e-4261-b036-cfb6bd234335" ,
"type" : "detects"
}
] ,
"uuid" : "3d20385b-24ef-40e1-9f56-f39750379077" ,
"value" : "Process Creation"
} ,
{
"description" : "Initial construction of a new pod (ex: kubectl apply|run)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "5263cb33-08cc-4a68-820f-004e1e400d76" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "56e0d8b8-3e25-49dd-9050-3aa252f5aa92" ,
"type" : "detects"
}
] ,
"uuid" : "5263cb33-08cc-4a68-820f-004e1e400d76" ,
"value" : "Pod Creation"
} ,
{
"description" : "Queried or logged information highlighting current and expired digital certificates (ex: Certificate transparency)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "19401639-28d0-4c3c-adcc-bc2ba22f6421" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1dad5aa4-4bb5-45e4-9e42-55d40003cfa6" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "ce0687a0-e692-4b77-964a-0784a8e54ff1" ,
"type" : "detects"
}
] ,
"uuid" : "1dad5aa4-4bb5-45e4-9e42-55d40003cfa6" ,
"value" : "Certificate Registration"
} ,
{
"description" : "Logged network traffic in response to a scan showing both protocol header and body values" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "0458aab9-ad42-4eac-9e22-706a95bafee2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "04a5a8ab-3bc8-4c83-95c9-55274a89786d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "09312b1a-c3c6-4b45-9844-3ccc78e5d82f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0dcbbf4f-929c-489a-b66b-9b820d3f7f0e" ,
"type" : "included-in"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "149b477f-f364-4824-b1b5-aa1d56115869" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "155207c0-7f53-4f13-a06b-0a9907ef5096" ,
"type" : "detects"
} ,
{
"dest-uuid" : "19401639-28d0-4c3c-adcc-bc2ba22f6421" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1cec9319-743b-4840-bb65-431547bce82a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "24286c33-d4a4-4419-85c2-1d094a896c26" ,
"type" : "detects"
} ,
{
"dest-uuid" : "31fe0ba2-62fd-4fd9-9293-4043d84f7fe9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "39cc9f64-cf74-4a48-a4d8-fe98c54a02e0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3ee16395-03f0-4690-a32e-69ce9ada0f9e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "506f6f49-7045-4156-9007-7474cb44ad6d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "60c4b628-4807-4b0b-bbf5-fdac8643c337" ,
"type" : "detects"
} ,
{
"dest-uuid" : "774ad5bb-2366-4c13-a8a9-65e50b292e7c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "79da0971-3147-4af6-a4f5-e8cd447cd795" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7e3beebd-8bfe-4e7b-a892-e44ab06a75f9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "84771bc3-f6a0-403e-b144-01af70e5fda0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "84ae8255-b4f4-4237-b5c5-e717405a9701" ,
"type" : "detects"
} ,
{
"dest-uuid" : "88d31120-5bc7-4ce3-a9c0-7cf147be8e54" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ae797531-3219-49a4-bccf-324ad7a4c7b2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "baf60e1a-afe5-4d31-830f-1b1ba2351884" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c071d8c1-3b3a-4f22-9407-ca4e96921069" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ce0687a0-e692-4b77-964a-0784a8e54ff1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "df1bc34d-1634-4c93-b89e-8120994fce77" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e196b5c5-8118-4a1c-ab8a-936586ce3db5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e5d550f3-2202-4634-85f2-4a200a1d49b3" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "eb897572-8979-4242-a089-56f294f4c91d" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "edadea33-549c-4ed1-9783-8f5a5853cbdf" ,
"type" : "detects"
}
] ,
"uuid" : "0dcbbf4f-929c-489a-b66b-9b820d3f7f0e" ,
"value" : "Response Content"
} ,
{
"description" : "Initial construction of a new snapshot (ex: AWS create-snapshot)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "144e007b-e638-431d-a894-45d90c54ab90" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3da222e6-53f3-451c-a239-0b405c009432" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "d4bdbdea-eaec-4071-b4f9-5105e12ea4b6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ed2e45f9-d338-4eb2-8ce5-3a2e03323bc1" ,
"type" : "detects"
}
] ,
"uuid" : "3da222e6-53f3-451c-a239-0b405c009432" ,
"value" : "Snapshot Creation"
} ,
{
"description" : "Activation or invocation of a container (ex: docker start or docker restart)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "56e0d8b8-3e25-49dd-9050-3aa252f5aa92" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5fe82895-28e5-4aac-845e-dc886b63be2e" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "8c32eb4d-805f-4fc5-bf60-c4d476c131b5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b0c74ef9-c61e-4986-88cb-78da98a355ec" ,
"type" : "detects"
}
] ,
"uuid" : "5fe82895-28e5-4aac-845e-dc886b63be2e" ,
"value" : "Container Start"
} ,
{
"description" : "Initial construction of a new service/daemon (ex: Windows EID 4697 or /var/log daemon logs)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "035bb001-ab69-4a0b-9f6c-2de8b09e1b9d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "106c0cf6-bf73-4601-9aa8-0945c2715ec5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "22905430-4901-4c2a-84f6-98243cb173f8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2959d63f-73fd-46a1-abd2-109d7dcede32" ,
"type" : "detects"
} ,
{
"dest-uuid" : "42e8de7b-37b2-4258-905a-6897815e58e0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5297a638-1382-4f0c-8472-0d21830bf705" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "573ad264-1371-4ae0-8482-d2673b719dba" ,
"type" : "detects"
} ,
{
"dest-uuid" : "650c784b-7504-4df7-ab2c-4ea882384d1e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7bdca9d5-d500-4d7d-8c52-5fd47baf4c0c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "810aa4ad-61c9-49cb-993f-daa06199421d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b5327dd1-6bf9-4785-a199-25bcbd1f4a9d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d10cbd34-42e3-45c0-84d2-535a09849584" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d157f9d2-d09a-4efa-bb2a-64963f94e253" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dfefe2ed-4389-4318-8762-f0272b350a1b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f1951e8a-500e-4a26-8803-76d95c4554b4" ,
"type" : "detects"
}
] ,
"uuid" : "5297a638-1382-4f0c-8472-0d21830bf705" ,
"value" : "Service Creation"
} ,
{
"description" : "Initial construction of a cloud volume (ex: AWS create-volume)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "144e007b-e638-431d-a894-45d90c54ab90" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dad75cc7-5bae-4175-adb4-ca1962d8650e" ,
"type" : "included-in"
}
] ,
"uuid" : "dad75cc7-5bae-4175-adb4-ca1962d8650e" ,
"value" : "Volume Creation"
} ,
{
"description" : "Deactivation or stoppage of a cloud service (ex: Write/Delete entries within Azure Firewall Activity Logs)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "3d333250-30e4-4a82-9edc-756c68afc529" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5372c5fe-f424-4def-bcd5-d3a8e770f07b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "77532a55-c283-4cd2-bc5d-2d0b65e9d88c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c97d0171-f6e0-4415-85ff-4082fdb8c72a" ,
"type" : "included-in"
}
] ,
"uuid" : "c97d0171-f6e0-4415-85ff-4082fdb8c72a" ,
"value" : "Firewall Disable"
} ,
{
"description" : "Removal of a file (ex: Sysmon EID 23, macOS ESF EID ES_EVENT_TYPE_AUTH_UNLINK, or Linux commands auditd unlink, rename, rmdir, unlinked, or renameat rules)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "1cfcb312-b8d7-47a4-b560-4b16cc677292" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2bce5b30-7014-4a5d-ade7-12913fe6ac36" ,
"type" : "detects"
} ,
{
"dest-uuid" : "32ad5c86-2bcf-47d8-8fdc-d7f3d79a7490" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3aef9463-9a7a-43ba-8957-a867e07c1e6a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3d333250-30e4-4a82-9edc-756c68afc529" ,
"type" : "detects"
} ,
{
"dest-uuid" : "438c967d-3996-4870-bfc2-3954752a1927" ,
"type" : "detects"
} ,
{
"dest-uuid" : "562e9b64-7239-493d-80f4-2bff900d9054" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6495ae23-3ab4-43c5-a94f-5638a2c31fd2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "799ace7f-e227-4411-baa0-8868704f2a69" ,
"type" : "detects"
} ,
{
"dest-uuid" : "960c3c86-1480-4d72-b4e0-8c242e84a5c5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ac9e6b22-11bf-45d7-9181-c1cb08360931" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d2c4e5ea-dbdf-4113-805a-b1e2a337fb33" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d45a3d09-b3cf-48f4-9f0f-f521ee5cb05c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d63a3fb8-9452-4e9d-a60a-54be68d5998c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e905dad2-00d6-477c-97e8-800427abd0e8" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "f5d8eed6-48a9-4cdf-a3d7-d1ffa99c3d2a" ,
"type" : "detects"
}
] ,
"uuid" : "e905dad2-00d6-477c-97e8-800427abd0e8" ,
"value" : "File Deletion"
} ,
{
"description" : "Removal of an instance (ex: instance.delete within GCP Audit Logs)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "144e007b-e638-431d-a894-45d90c54ab90" ,
"type" : "detects"
} ,
{
"dest-uuid" : "70857657-bd0b-4695-ad3e-b13f92cac1b4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7561ed50-16cb-4826-82c7-c1ddca61785e" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "d45a3d09-b3cf-48f4-9f0f-f521ee5cb05c" ,
"type" : "detects"
}
] ,
"uuid" : "7561ed50-16cb-4826-82c7-c1ddca61785e" ,
"value" : "Instance Deletion"
} ,
{
"description" : "Removal of a virtual machine image (ex: Azure Compute Service Images DELETE)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "8b4ca854-ac08-47da-b24f-601b28a39aff" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "d45a3d09-b3cf-48f4-9f0f-f521ee5cb05c" ,
"type" : "detects"
}
] ,
"uuid" : "8b4ca854-ac08-47da-b24f-601b28a39aff" ,
"value" : "Image Deletion"
} ,
{
"description" : "Attaching a driver to either user or kernel-mode of a system (ex: Sysmon EID 6)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "09a60ea3-a8d1-4ae5-976e-5783248b72a4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0af0ca99-357d-4ba1-805f-674fdfb7bef9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "106c0cf6-bf73-4601-9aa8-0945c2715ec5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1988cc35-ced8-4dad-b2d1-7628488fa967" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1ecb2399-e8ba-4f6b-8ba7-5c27d49405cf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2959d63f-73fd-46a1-abd2-109d7dcede32" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2de47683-f398-448f-b947-9abcc3e32fad" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3551476e-14f5-4e48-a518-e82135329e03" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "3d333250-30e4-4a82-9edc-756c68afc529" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ac08589e-ee59-4935-8667-d845e38fe579" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b21c3b2d-02e6-45b1-980b-e69051040839" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bb5a00de-e086-4859-a231-fa793f6797e2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dd43c543-bb85-4a6f-aa6e-160d90d06a49" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f0589bc3-a6ae-425a-a3d5-5659bfee07f4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "fb640c43-aa6b-431e-a961-a279010424ac" ,
"type" : "detects"
}
] ,
"uuid" : "3551476e-14f5-4e48-a518-e82135329e03" ,
"value" : "Driver Load"
} ,
{
"description" : "Contextual data about a driver and activity around it such as driver issues reporting or integrity (page hash, code) checking" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "791481f8-e96a-41be-b089-a088763083d4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7f0ca133-88c4-40c6-a62f-b3083a7fbc2e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f5a9a1dd-82f9-41a3-85b8-13e5b9cd6c79" ,
"type" : "included-in"
}
] ,
"uuid" : "f5a9a1dd-82f9-41a3-85b8-13e5b9cd6c79" ,
"value" : "Driver Metadata"
} ,
{
"description" : "Changes made to a drive letter or mount point of a data storage device" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "0af0ca99-357d-4ba1-805f-674fdfb7bef9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0f20e3cb-245b-4a61-8a91-2d93f7cb0e9b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1988cc35-ced8-4dad-b2d1-7628488fa967" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1b7b1806-7746-41a1-a35d-e48dae25ddba" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4dcd8ba3-2075-4f8b-941e-39884ffaac08" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "7f0ca133-88c4-40c6-a62f-b3083a7fbc2e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "fb640c43-aa6b-431e-a961-a279010424ac" ,
"type" : "detects"
}
] ,
"uuid" : "4dcd8ba3-2075-4f8b-941e-39884ffaac08" ,
"value" : "Drive Modification"
} ,
{
"description" : "Logged domain name system (DNS) data highlighting timelines of domain to IP address resolutions (ex: passive DNS)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "0458aab9-ad42-4eac-9e22-706a95bafee2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "40f5caa0-4cb7-4117-89fc-d421bb493df3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7e3beebd-8bfe-4e7b-a892-e44ab06a75f9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c2f59d25-87fe-44aa-8f83-e8e59d077bf5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cc150ad8-ecfa-4340-9aaa-d21165873bd4" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "f9cc4d06-775f-4ee1-b401-4e2cc0da30ba" ,
"type" : "detects"
}
] ,
"uuid" : "cc150ad8-ecfa-4340-9aaa-d21165873bd4" ,
"value" : "Passive DNS"
} ,
{
"description" : "Information about domain name assignments and other domain metadata (ex: WHOIS)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "0458aab9-ad42-4eac-9e22-706a95bafee2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "40f5caa0-4cb7-4117-89fc-d421bb493df3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7e3beebd-8bfe-4e7b-a892-e44ab06a75f9" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "eb897572-8979-4242-a089-56f294f4c91d" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "f9cc4d06-775f-4ee1-b401-4e2cc0da30ba" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ff9b665a-598b-4bcb-8b2a-a87566aa1256" ,
"type" : "included-in"
}
] ,
"uuid" : "ff9b665a-598b-4bcb-8b2a-a87566aa1256" ,
"value" : "Domain Registration"
} ,
{
"description" : "Removal of a snapshot (ex: AWS delete-snapshot)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "144e007b-e638-431d-a894-45d90c54ab90" ,
"type" : "detects"
} ,
{
"dest-uuid" : "16e07530-764b-4d83-bae0-cdbfc31bf21d" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "d45a3d09-b3cf-48f4-9f0f-f521ee5cb05c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f5d8eed6-48a9-4cdf-a3d7-d1ffa99c3d2a" ,
"type" : "detects"
}
] ,
"uuid" : "16e07530-764b-4d83-bae0-cdbfc31bf21d" ,
"value" : "Snapshot Deletion"
} ,
{
"description" : "Removal of a a cloud volume (ex: AWS delete-volume)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "144e007b-e638-431d-a894-45d90c54ab90" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3acecdde-c327-4498-9bb8-33a2e63c6c57" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "d45a3d09-b3cf-48f4-9f0f-f521ee5cb05c" ,
"type" : "detects"
}
] ,
"uuid" : "3acecdde-c327-4498-9bb8-33a2e63c6c57" ,
"value" : "Volume Deletion"
} ,
{
"description" : "An extracted list of available firewalls and/or their associated settings/rules (ex: Azure Network Firewall CLI Show commands)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "bf91faa8-0049-4870-810a-4df55e0b77ee" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "cba37adb-d6fb-4610-b069-dd04c0643384" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e3b6daca-e963-4a69-aee6-ed4fd653ad58" ,
"type" : "detects"
}
] ,
"uuid" : "bf91faa8-0049-4870-810a-4df55e0b77ee" ,
"value" : "Firewall Enumeration"
} ,
{
"description" : "An extracted list of available groups and/or their associated settings (ex: AWS list-groups)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "15dbf668-795c-41e6-8219-f0447c0e64ce" ,
"type" : "detects"
} ,
{
"dest-uuid" : "16e94db9-b5b1-4cd0-b851-f38fbd0a70f2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "21875073-b0ee-49e3-9077-1e2a885359af" ,
"type" : "detects"
} ,
{
"dest-uuid" : "25659dd6-ea12-45c4-97e6-381e3e4b593e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2aed01ad-3df3-4410-a8cb-11ea4ded587c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8e44412e-3238-4d64-8878-4f11e27784fe" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "a01bf75f-00b2-4568-a58f-565ff9bf202b" ,
"type" : "detects"
}
] ,
"uuid" : "8e44412e-3238-4d64-8878-4f11e27784fe" ,
"value" : "Group Enumeration"
} ,
{
"description" : "An extracted list of instances within a cloud environment (ex: instance.list within GCP Audit Logs)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "2a80d95f-08c4-48e3-833e-151ef19d90f5" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "57a3d31a-d04f-4663-b2da-7df8ec3f8c9d" ,
"type" : "detects"
}
] ,
"uuid" : "2a80d95f-08c4-48e3-833e-151ef19d90f5" ,
"value" : "Instance Enumeration"
} ,
{
"description" : "An extracted list of pods within a cluster (ex: kubectl get pods)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "0470e792-32f8-46b0-a351-652bc35e9336" ,
"type" : "detects"
} ,
{
"dest-uuid" : "07688e40-a7fa-4436-937f-1216674341a0" ,
"type" : "included-in"
}
] ,
"uuid" : "07688e40-a7fa-4436-937f-1216674341a0" ,
"value" : "Pod Enumeration"
} ,
{
"description" : "An extracted list of snapshops within a cloud environment (ex: AWS describe-snapshots)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "57a3d31a-d04f-4663-b2da-7df8ec3f8c9d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ffd73905-2e51-4f2d-8549-e72fb0eb6c38" ,
"type" : "included-in"
}
] ,
"uuid" : "ffd73905-2e51-4f2d-8549-e72fb0eb6c38" ,
"value" : "Snapshot Enumeration"
} ,
{
"description" : "The execution of a text file that contains code via the interpreter (e.g. Powershell, WMI, Windows EID 4104, etc.)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "09cd431f-eaf4-4d2a-acaf-2a7acfe7ed58" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0f4a0c76-ab2d-4cb0-85d3-3f0efb8cba0d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "143c0cbb-a297-4142-9624-87ffc778980b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1b20efbf-8063-4fc3-a07d-b575318a301b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "22905430-4901-4c2a-84f6-98243cb173f8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "232a7e42-cd6e-4902-8fe9-2960f529dd4d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2f6b4ed7-fef1-44ba-bcb8-1b4beb610b64" ,
"type" : "detects"
} ,
{
"dest-uuid" : "30208d3e-0d6b-43c8-883e-44462a514619" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3c4a2599-71ee-4405-ba1e-0e28414b4bc5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3ccef7ae-cb5e-48f6-8302-897105fbf55c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3d333250-30e4-4a82-9edc-756c68afc529" ,
"type" : "detects"
} ,
{
"dest-uuid" : "41868330-6ee2-4d0f-b743-9f2294c3c9b6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4933e63b-9b77-476e-ab29-761bc5b7d15a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4eb28bed-d11a-4641-9863-c2ac017d910a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "53ac20cd-aca3-406e-9aa0-9fc7fdc60a5a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "707399d6-ab3e-4963-9315-d9d3818cd6a0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7385dfaf-6886-4229-9ecd-6fd678040830" ,
"type" : "detects"
} ,
{
"dest-uuid" : "767dbf9e-df3f-45cb-8998-4903ab5f80c0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "774a3188-6ba9-4dc4-879d-d54ee48a5ce9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "970a3432-3237-47ad-bcca-7d8cbb217736" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9f387817-df83-432a-b56b-a8fb7f71eedd" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "a2029942-0a85-4947-b23c-ca434698171d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "acd0ba37-7ba9-4cc5-ac61-796586cd856d" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "afddee82-3385-4682-ad90-eeced33f2d07" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "b3d682b6-98f2-4fb0-aa3b-b4df007ca70a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c898c4b5-bf36-4e6e-a4ad-5b8c4c13e35b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cbb66055-0325-4111-aca0-40547b6ad5b0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d50955c2-272d-4ac8-95da-10c29dda1c48" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d511a6f6-4a33-41d5-bc95-c343875d1377" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d94b3ae9-8059-4989-8e9f-ea0f601f80a7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dfd7cc1d-e1d8-4394-a198-97c4cab8aa67" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "e6f19759-dde3-47fc-99cc-d9f5fa4ade60" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "f6fe9070-7a65-49ea-ae72-76292f42cebe" ,
"type" : "detects"
}
] ,
"uuid" : "9f387817-df83-432a-b56b-a8fb7f71eedd" ,
"value" : "Script Execution"
} ,
{
"description" : "An extracted list of available volumes within a cloud environment (ex: AWS describe-volumes)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "57a3d31a-d04f-4663-b2da-7df8ec3f8c9d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ec225357-8197-47a4-a9cd-57741d592877" ,
"type" : "included-in"
}
] ,
"uuid" : "ec225357-8197-47a4-a9cd-57741d592877" ,
"value" : "Volume Enumeration"
} ,
{
"description" : "Contextual data about a firewall and activity around it such as name, policy, or status" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "746f095a-f84c-4ccc-90a5-c7caa5c100a2" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "cba37adb-d6fb-4610-b069-dd04c0643384" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e3b6daca-e963-4a69-aee6-ed4fd653ad58" ,
"type" : "detects"
}
] ,
"uuid" : "746f095a-f84c-4ccc-90a5-c7caa5c100a2" ,
"value" : "Firewall Metadata"
} ,
{
"description" : "Contextual data about a file, which may include information such as name, the content (ex: signature, headers, or data/media), user/owner, permissions, etc." ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "045d0922-2310-4e60-b5e4-3302302cb3c5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0533ab23-3f7d-463f-9bd8-634d27e4dee1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "09b130a2-a77e-4af0-a361-f46f9aad1345" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "0d91b3c0-5e50-47c3-949a-2a796f04d144" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "10ff21b9-5a01-4268-a1b5-3b55015f1847" ,
"type" : "detects"
} ,
{
"dest-uuid" : "11f29a39-0942-4d62-92b6-fe236cf3066e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "191cc6af-1bb2-4344-ab5f-28e496638720" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1c4e5d32-1fe9-4116-9d9d-59e3925bd6a2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "22905430-4901-4c2a-84f6-98243cb173f8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2959d63f-73fd-46a1-abd2-109d7dcede32" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2f41939b-54c3-41d6-8f8b-35f1ec18ed97" ,
"type" : "detects"
} ,
{
"dest-uuid" : "31a0a2ac-c67c-4a7e-b9ed-6a96477d4e8e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "32901740-b42c-4fdd-bc02-345b5dc57082" ,
"type" : "detects"
} ,
{
"dest-uuid" : "32ad5c86-2bcf-47d8-8fdc-d7f3d79a7490" ,
"type" : "detects"
} ,
{
"dest-uuid" : "34e793de-0274-4982-9c1a-246ed1c19dee" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3f18edba-28f4-4bb9-82c3-8aa60dcac5f7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "42e8de7b-37b2-4258-905a-6897815e58e0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "43e7dc91-05b2-474c-b9ac-2ed4fe101f4d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "47f2d673-ca62-47e9-929b-1b0be9657611" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5bfccc3f-2326-4112-86cc-c1ece9d8a2b5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "639e87f3-acb6-448a-9645-258f20da4bc5" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "65917ae0-b854-4139-83fe-bf2441cf0196" ,
"type" : "detects"
} ,
{
"dest-uuid" : "67720091-eee3-4d2d-ae16-8264567f6f5b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6831414d-bb70-42b7-8030-d4e06b2660c9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7007935a-a8a7-4c0b-bd98-4e85be8ed197" ,
"type" : "detects"
} ,
{
"dest-uuid" : "77eae145-55db-4519-8ae5-77b0c7215d69" ,
"type" : "detects"
} ,
{
"dest-uuid" : "799ace7f-e227-4411-baa0-8868704f2a69" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7e7c2fba-7cca-486c-9582-4c1bb2851961" ,
"type" : "detects"
} ,
{
"dest-uuid" : "887274fc-2d63-4bdc-82f3-fae56d1d5fdc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "960c3c86-1480-4d72-b4e0-8c242e84a5c5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ac9e6b22-11bf-45d7-9181-c1cb08360931" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b22e5153-ac28-4cc6-865c-2054e36285cb" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b3d682b6-98f2-4fb0-aa3b-b4df007ca70a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b4b7458f-81f2-4d38-84be-1c5ba0167a52" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "b577dfc1-0177-4522-8d5a-782127c8592b" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "b6301b64-ef57-4cce-bb0b-77026f14a8db" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b83e166d-13d7-4b52-8677-dff90c548fd7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bd369cd9-abb8-41ce-b5bb-fff23ee86c00" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bd5b58a4-a52d-4a29-bc0d-3f1d3968eb6b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bf90d72c-c00b-45e3-b3aa-68560560d4c5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c2e147a9-d1a8-4074-811a-d8789202d916" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c726e0a2-a57a-4b7b-a973-d0f013246617" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c898c4b5-bf36-4e6e-a4ad-5b8c4c13e35b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d511a6f6-4a33-41d5-bc95-c343875d1377" ,
"type" : "detects"
} ,
{
"dest-uuid" : "deb98323-e13f-4b0c-8d94-175379069062" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e51137a5-1cdc-499e-911a-abaedaa5ac86" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ea4c2f9c-9df1-477c-8c42-6da1118f2ac4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ec8fc7e2-b356-455c-8db5-2e37be158e7d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f2857333-11d4-45bf-b064-2c28d8525be5" ,
"type" : "detects"
}
] ,
"uuid" : "639e87f3-acb6-448a-9645-258f20da4bc5" ,
"value" : "File Metadata"
} ,
{
"description" : "Changes made to firmware, including its settings and/or data, such as MBR (Master Boot Record) and VBR (Volume Boot Record)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "0f20e3cb-245b-4a61-8a91-2d93f7cb0e9b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "16ab6452-c3c1-497c-a47d-206018ca1ada" ,
"type" : "detects"
} ,
{
"dest-uuid" : "22905430-4901-4c2a-84f6-98243cb173f8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "28abec6c-4443-4b03-8206-07f2e264a6b4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "791481f8-e96a-41be-b089-a088763083d4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7f0ca133-88c4-40c6-a62f-b3083a7fbc2e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a6557c75-798f-42e4-be70-ab4502e0a3bc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b9d031bb-d150-4fc6-8025-688201bf3ffd" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "dfebc3b7-d19d-450b-81c7-6dafe4184c04" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f5bb433e-bdf6-4781-84bc-35e97e43be89" ,
"type" : "detects"
}
] ,
"uuid" : "b9d031bb-d150-4fc6-8025-688201bf3ffd" ,
"value" : "Firmware Modification"
} ,
{
"description" : "Changes made to a file, or its access permissions and attributes, typically to alter the contents of the targeted file (ex: Windows EID 4670 or Sysmon EID 2)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "005a06c6-14bf-4118-afa0-ebcd8aebb0c9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "03259939-0b57-482f-8eb5-87c0e0d54334" ,
"type" : "detects"
} ,
{
"dest-uuid" : "06c00069-771a-4d57-8ef5-d3718c1a8771" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0cf55441-b176-4332-89e7-2c4c7799d0ff" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0cfe31a7-81fc-472c-bc45-e2808d1066a3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0f20e3cb-245b-4a61-8a91-2d93f7cb0e9b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0f2c410d-d740-4ed9-abb1-b8f4a7faf6c3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "106c0cf6-bf73-4601-9aa8-0945c2715ec5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "10ff21b9-5a01-4268-a1b5-3b55015f1847" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1365fe3b-0f50-455d-b4da-266ce31c23b0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1cfcb312-b8d7-47a4-b560-4b16cc677292" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1ecb2399-e8ba-4f6b-8ba7-5c27d49405cf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1f9012ef-1e10-4e48-915e-e03563435fe8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "208884f1-7b83-4473-ac22-4e1cf6c41471" ,
"type" : "detects"
} ,
{
"dest-uuid" : "20fb2507-d71c-455d-9b6d-6104461cf26b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "22905430-4901-4c2a-84f6-98243cb173f8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "246fd3c7-f5e3-466d-8787-4c13d9e3b61c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2acf44aa-542f-4366-b4eb-55ef5747759c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2bce5b30-7014-4a5d-ade7-12913fe6ac36" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2c4d4e92-0ccf-4a97-b54c-86d662988a53" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2fee9321-3e71-4cf4-af24-d4d40d355b34" ,
"type" : "detects"
} ,
{
"dest-uuid" : "31a0a2ac-c67c-4a7e-b9ed-6a96477d4e8e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "32ad5c86-2bcf-47d8-8fdc-d7f3d79a7490" ,
"type" : "detects"
} ,
{
"dest-uuid" : "34f1d81d-fe88-4f97-bd3b-a3164536255d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "35dd844a-b219-4e2b-a6bb-efa9a75995a9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "379809f6-2fac-42c1-bd2e-e9dee70b27f8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3975dbb5-0e1e-4f5b-bae1-cf2ab84b46dc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3a40f208-a9c1-4efa-a598-4003c3681fb8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3aef9463-9a7a-43ba-8957-a867e07c1e6a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3ccef7ae-cb5e-48f6-8302-897105fbf55c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3d333250-30e4-4a82-9edc-756c68afc529" ,
"type" : "detects"
} ,
{
"dest-uuid" : "42e8de7b-37b2-4258-905a-6897815e58e0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "42fe883a-21ea-4cfb-b94a-78b6476dcc83" ,
"type" : "detects"
} ,
{
"dest-uuid" : "438c967d-3996-4870-bfc2-3954752a1927" ,
"type" : "detects"
} ,
{
"dest-uuid" : "43ba2b05-cf72-4b6c-8243-03a4aba41ee0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "43e7dc91-05b2-474c-b9ac-2ed4fe101f4d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "47f2d673-ca62-47e9-929b-1b0be9657611" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4ab929c6-ee2d-4fb5-aab4-b14be2ed7179" ,
"type" : "detects"
} ,
{
"dest-uuid" : "543fceb5-cb92-40cb-aacf-6913d4db58bc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "54ca26f3-c172-4231-93e5-ccebcac2161f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "562e9b64-7239-493d-80f4-2bff900d9054" ,
"type" : "detects"
} ,
{
"dest-uuid" : "573ad264-1371-4ae0-8482-d2673b719dba" ,
"type" : "detects"
} ,
{
"dest-uuid" : "58af3705-8740-4c68-9329-ec015a7013c2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5909f20f-3c39-4795-be06-ef1ea40d350b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5d0d3609-d06d-49e1-b9c9-b544e0c618cb" ,
"type" : "detects"
} ,
{
"dest-uuid" : "63220765-d418-44de-8fae-694b3912317d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "633a100c-b2c9-41bf-9be5-905c1b16c825" ,
"type" : "detects"
} ,
{
"dest-uuid" : "67720091-eee3-4d2d-ae16-8264567f6f5b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6831414d-bb70-42b7-8030-d4e06b2660c9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "69e5226d-05dc-4f15-95d7-44f5ed78d06e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6b57dc31-b814-4a03-8706-28bc20d739c4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "70d81154-b187-45f9-8ec5-295d01255979" ,
"type" : "detects"
} ,
{
"dest-uuid" : "70e52b04-2a0c-4cea-9d18-7149f1df9dc5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "799ace7f-e227-4411-baa0-8868704f2a69" ,
"type" : "detects"
} ,
{
"dest-uuid" : "79a47ad0-fc3b-4821-9f01-a026b1ddba21" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7d20fff9-8751-404e-badd-ccd71bda0236" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7efba77e-3bc4-4ca5-8292-d8201dcd64b5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "810aa4ad-61c9-49cb-993f-daa06199421d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "84572de3-9583-4c73-aabd-06ea88123dd8" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "84601337-6a55-4ad7-9c35-79e0d1ea2ab3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8c41090b-aa47-4331-986b-8c9a51a91103" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8c4aef43-48d5-49aa-b2af-c0cd58d30c3d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "960c3c86-1480-4d72-b4e0-8c242e84a5c5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9c45eaa3-8604-4780-8988-b5074dbb9ecd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9e8b28c9-35fe-48ac-a14d-e6cc032dcbcd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9efb1ea7-c37b-4595-9640-b7680cd84279" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a10641f4-87b4-45a3-a906-92a149cb2c27" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a1b52199-c8c5-438a-9ded-656f1d0888c6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a542bac9-7bc1-4da7-9a09-96f69e23cc21" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ac9e6b22-11bf-45d7-9181-c1cb08360931" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ae7f3575-0a5e-427e-991b-fe03ad44c754" ,
"type" : "detects"
} ,
{
"dest-uuid" : "aedfca76-3b30-4866-b2aa-0f1d7fd1e4b6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b46a801b-fd98-491c-a25a-bca25d6e3001" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b6301b64-ef57-4cce-bb0b-77026f14a8db" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b63a34e8-0a61-4c97-a23b-bf8a2ed812e2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b77cf5f3-6060-475d-bd60-40ccbf28fdc2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b80d107d-fa0d-4b60-9684-b0433e8bdba0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b83e166d-13d7-4b52-8677-dff90c548fd7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bb5a00de-e086-4859-a231-fa793f6797e2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bd5b58a4-a52d-4a29-bc0d-3f1d3968eb6b" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "be2dcee9-a7a7-4e38-afd6-21b31ecc3d63" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "bf96a5a3-3bce-43b7-8597-88545984c07b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c0dfe7b0-b873-4618-9ff8-53e31f70907f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c63a348e-ffc2-486a-b9d9-d7f11ec54d99" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cbb66055-0325-4111-aca0-40547b6ad5b0" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "cc36eeae-2209-4e63-89d3-c97e19edf280" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "ce4b7013-640e-48a9-b501-d0025a95f4bf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d10cbd34-42e3-45c0-84d2-535a09849584" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d157f9d2-d09a-4efa-bb2a-64963f94e253" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d201d4cc-214d-4a74-a1ba-b3fa09fd4591" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d245808a-7086-4310-984a-a84aaaa43f8f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d2c4e5ea-dbdf-4113-805a-b1e2a337fb33" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d456de47-a16f-4e46-8980-e67478a12dcb" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d45a3d09-b3cf-48f4-9f0f-f521ee5cb05c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d4b96d2c-1032-4b22-9235-2b5b649d0605" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dca670cf-eeec-438f-8185-fd959d9ef211" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dfebc3b7-d19d-450b-81c7-6dafe4184c04" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dfefe2ed-4389-4318-8762-f0272b350a1b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e0232cb0-ded5-4c2e-9dc7-2893142a5c11" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e5cc9e7a-e61a-46a1-b869-55fb6eab058e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e64c62cf-9cd7-4a14-94ec-cdaac43ab44b" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "e8a0a025-3601-4755-abfb-8d08283329fb" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "ea071aa0-8f17-416f-ab0d-2bab7e79003d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ed7efd4d-ce28-4a19-a8e6-c58011eb2c7a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f0589bc3-a6ae-425a-a3d5-5659bfee07f4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f2857333-11d4-45bf-b064-2c28d8525be5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f3d95a1f-bba2-44ce-9af7-37866cd63fd0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f4c1826f-a322-41cd-9557-562100848c84" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "f4c3f644-ab33-433d-8648-75cc03a95792" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "fa44a152-ac48-441e-a524-dd7b04b8adcd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "fc742192-19e3-466c-9eb5-964a97b29490" ,
"type" : "detects"
} ,
{
"dest-uuid" : "fc74ba38-dc98-461f-8611-b3dbf9978e3d" ,
"type" : "detects"
}
] ,
"uuid" : "84572de3-9583-4c73-aabd-06ea88123dd8" ,
"value" : "File Modification"
} ,
{
"description" : "Contextual data about a group which describes group and activity around it, such as name, permissions, or user accounts within the group" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "15dbf668-795c-41e6-8219-f0447c0e64ce" ,
"type" : "detects"
} ,
{
"dest-uuid" : "16e94db9-b5b1-4cd0-b851-f38fbd0a70f2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8d8c7cac-94cf-4726-8989-cab33851168c" ,
"type" : "included-in"
}
] ,
"uuid" : "8d8c7cac-94cf-4726-8989-cab33851168c" ,
"value" : "Group Metadata"
} ,
{
"description" : "Changes made to a group, such as membership, name, or permissions (ex: Windows EID 4728 or 4732, AWS IAM UpdateGroup)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "05d5b5b4-ef93-4807-b05f-33d8c5a35bc5" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "a10641f4-87b4-45a3-a906-92a149cb2c27" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e74de37c-a829-446c-937d-56a44f0e9306" ,
"type" : "detects"
}
] ,
"uuid" : "05d5b5b4-ef93-4807-b05f-33d8c5a35bc5" ,
"value" : "Group Modification"
} ,
{
"description" : "Logging, messaging, and other artifacts highlighting the health of host sensors (ex: metrics, errors, and/or exceptions from logging applications)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "0bda01d5-4c1d-4062-8ee2-6872334383c3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0df05477-c572-4ed6-88a9-47c581f548f7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "18cffc21-3260-437e-80e4-4ab8bf2ba5e9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2bee5ffb-7a7a-4119-b1f2-158151b19ac0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "351c0927-2fc1-4a2c-ad84-cbbee7eb8172" ,
"type" : "detects"
} ,
{
"dest-uuid" : "36b2a1d7-e09e-49bf-b45e-477076c2ec01" ,
"type" : "detects"
} ,
{
"dest-uuid" : "38eb0c22-6caf-46ce-8869-5964bd735858" ,
"type" : "detects"
} ,
{
"dest-uuid" : "39131305-9282-45e4-ac3b-591d2d4fc3ef" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3d333250-30e4-4a82-9edc-756c68afc529" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3f18edba-28f4-4bb9-82c3-8aa60dcac5f7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "46d818a5-67fa-4585-a7fc-ecf15376c8d5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4eb28bed-d11a-4641-9863-c2ac017d910a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4f14e30b-8b57-4a7b-9093-2c0778ea99cf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "667e5707-3843-4da8-bd34-88b922526f0d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "670a4d75-103b-4b14-8a9e-4652fa795edd" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "6ecbc2eb-e85a-440a-ab68-4d98f8d56fbe" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "74d2a63f-3c7b-4852-92da-02d8fbab16da" ,
"type" : "detects"
} ,
{
"dest-uuid" : "85a533a4-5fa4-4dba-b45d-f0717bedd6e6" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "8605a0ec-b44a-4e98-a7fc-87d4bd3acb66" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8f504411-cb96-4dac-a537-8d2bb7679c59" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9558a84e-2d5e-4872-918e-d847494a8ffc" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "a718a0c8-5768-41a1-9958-a1cc3f995e99" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "a91262d5-b9ff-463f-b8d2-12e4ea1eb3c9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ac08589e-ee59-4935-8667-d845e38fe579" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bef8aaee-961d-4359-a308-4c2182bcedff" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c08366bb-8d11-4921-853f-f0a3b6a2a1da" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c675646d-e204-4aa8-978d-e3d6d65885c4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c6e17ca2-08b5-4379-9786-89bd05241831" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cc6e0637-76d2-4af3-a604-9d8d3ff8a6b3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cd25c1b4-935c-4f0e-ba8d-552f28bc4783" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d74c4a7e-ffbf-432f-9365-7ebf1f787cab" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dfe29258-ce59-421c-9dee-e85cb9fa90cd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "fd339382-bfec-4bf0-8d47-1caedc9e7e57" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ff73aa03-0090-4464-83ac-f89e233c02bc" ,
"type" : "detects"
}
] ,
"uuid" : "85a533a4-5fa4-4dba-b45d-f0717bedd6e6" ,
"value" : "Host Status"
} ,
{
"description" : "Contextual data about an instance and activity around it such as name, type, or status" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "0708ae90-d0eb-4938-9a76-d0fc94f6eec1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "144e007b-e638-431d-a894-45d90c54ab90" ,
"type" : "detects"
} ,
{
"dest-uuid" : "45fd904d-6eb0-4b50-8478-a961f09f898b" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "59bd0dec-f8b2-4b9a-9141-37a1e6899761" ,
"type" : "detects"
} ,
{
"dest-uuid" : "70857657-bd0b-4695-ad3e-b13f92cac1b4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cf1c2504-433f-4c4e-a1f8-91de45a0318c" ,
"type" : "detects"
}
] ,
"uuid" : "45fd904d-6eb0-4b50-8478-a961f09f898b" ,
"value" : "Instance Metadata"
} ,
{
"description" : "Contextual data about a virtual machine image such as name, resource group, state, or type" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "1c4e5d32-1fe9-4116-9d9d-59e3925bd6a2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "42e8de7b-37b2-4258-905a-6897815e58e0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4fd8a28b-4b3a-4cd6-a8cf-85ba5f824a7f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b5327dd1-6bf9-4785-a199-25bcbd1f4a9d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b597a220-6510-4397-b0d8-342cd2c58827" ,
"type" : "included-in"
}
] ,
"uuid" : "b597a220-6510-4397-b0d8-342cd2c58827" ,
"value" : "Image Metadata"
} ,
{
"description" : "Changes made to an instance, including its settings and/or control data (ex: instance.addResourcePolicies or instances.setMetadata within GCP Audit Logs)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "0708ae90-d0eb-4938-9a76-d0fc94f6eec1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "144e007b-e638-431d-a894-45d90c54ab90" ,
"type" : "detects"
} ,
{
"dest-uuid" : "45d0ff14-b9c4-41f5-8603-156657c20b75" ,
"type" : "included-in"
}
] ,
"uuid" : "45d0ff14-b9c4-41f5-8603-156657c20b75" ,
"value" : "Instance Modification"
} ,
{
"description" : "Changes made to a virtual machine image, including setting and/or control data (ex: Azure Compute Service Images PATCH)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "071a09b1-8945-46fd-8bb7-6bcc89400963" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "4fd8a28b-4b3a-4cd6-a8cf-85ba5f824a7f" ,
"type" : "detects"
}
] ,
"uuid" : "071a09b1-8945-46fd-8bb7-6bcc89400963" ,
"value" : "Image Modification"
} ,
{
"description" : "Activation or invocation of an instance (ex: instance.start within GCP Audit Logs)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "0708ae90-d0eb-4938-9a76-d0fc94f6eec1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "144e007b-e638-431d-a894-45d90c54ab90" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8c32eb4d-805f-4fc5-bf60-c4d476c131b5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b0c74ef9-c61e-4986-88cb-78da98a355ec" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f8213cde-6b3a-420d-9ab7-41c9af1a919f" ,
"type" : "included-in"
}
] ,
"uuid" : "f8213cde-6b3a-420d-9ab7-41c9af1a919f" ,
"value" : "Instance Start"
} ,
{
"description" : "Deactivation or stoppage of an instance (ex: instance.stop within GCP Audit Logs)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "0708ae90-d0eb-4938-9a76-d0fc94f6eec1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1361e324-b594-4c0e-a517-20cee32b8d7f" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "144e007b-e638-431d-a894-45d90c54ab90" ,
"type" : "detects"
}
] ,
"uuid" : "1361e324-b594-4c0e-a517-20cee32b8d7f" ,
"value" : "Instance Stop"
} ,
{
"description" : "Attaching a module into the memory of a process/program, typically to access shared resources/features provided by the module (ex: Sysmon EID 7)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "045d0922-2310-4e60-b5e4-3302302cb3c5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0a5231ec-41af-4a35-83d0-6bdf11f28c65" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0f4a0c76-ab2d-4cb0-85d3-3f0efb8cba0d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "10ff21b9-5a01-4268-a1b5-3b55015f1847" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1ecb2399-e8ba-4f6b-8ba7-5c27d49405cf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "232a7e42-cd6e-4902-8fe9-2960f529dd4d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2c4d4e92-0ccf-4a97-b54c-86d662988a53" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2de47683-f398-448f-b947-9abcc3e32fad" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2f6b4ed7-fef1-44ba-bcb8-1b4beb610b64" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2fee9321-3e71-4cf4-af24-d4d40d355b34" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "356662f7-e315-4759-86c9-6214e2a50ff8" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "365be77f-fc0e-42ee-bac8-4faf806d9336" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3731fbcd-0e43-47ae-ae6c-d15e510f0d42" ,
"type" : "detects"
} ,
{
"dest-uuid" : "379809f6-2fac-42c1-bd2e-e9dee70b27f8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "391d824f-0ef1-47a0-b0ee-c59a75e27670" ,
"type" : "detects"
} ,
{
"dest-uuid" : "42fe883a-21ea-4cfb-b94a-78b6476dcc83" ,
"type" : "detects"
} ,
{
"dest-uuid" : "43881e51-ac74-445b-b4c6-f9f9e9bf23fe" ,
"type" : "detects"
} ,
{
"dest-uuid" : "43e7dc91-05b2-474c-b9ac-2ed4fe101f4d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "457c7820-d331-465a-915e-42f85500ccc4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4933e63b-9b77-476e-ab29-761bc5b7d15a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4ff5d6a8-c062-4c68-a778-36fc5edd564f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "5095a853-299c-4876-abd7-ac0050fb5462" ,
"type" : "detects"
} ,
{
"dest-uuid" : "543fceb5-cb92-40cb-aacf-6913d4db58bc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "54a649ff-439a-41a4-9856-8d144a2551ba" ,
"type" : "detects"
} ,
{
"dest-uuid" : "54ca26f3-c172-4231-93e5-ccebcac2161f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "61afc315-860c-4364-825d-0d62b2e91edc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "633a100c-b2c9-41bf-9be5-905c1b16c825" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6836813e-8ec8-4375-b459-abb388cb1a35" ,
"type" : "detects"
} ,
{
"dest-uuid" : "68a0c5ed-bee2-4513-830d-5b0d650139bd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6e3bd510-6b33-41a4-af80-2d80f3ee0071" ,
"type" : "detects"
} ,
{
"dest-uuid" : "70d81154-b187-45f9-8ec5-295d01255979" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7385dfaf-6886-4229-9ecd-6fd678040830" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7d57b371-10c2-45e5-b3cc-83a8fb380e4c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "970a3432-3237-47ad-bcca-7d8cbb217736" ,
"type" : "detects"
} ,
{
"dest-uuid" : "98be40f2-c86b-4ade-b6fc-4964932040e5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "acd0ba37-7ba9-4cc5-ac61-796586cd856d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "aedfca76-3b30-4866-b2aa-0f1d7fd1e4b6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b3d682b6-98f2-4fb0-aa3b-b4df007ca70a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b6301b64-ef57-4cce-bb0b-77026f14a8db" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b83e166d-13d7-4b52-8677-dff90c548fd7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b8cfed42-6a8a-4989-ad72-541af74475ec" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b97f1d35-4249-4486-a6b5-ee60ccf24fab" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bc0f5e80-91c0-4e04-9fbb-e4e332c85dae" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c0a4a086-cc20-4e1e-b7cb-29d99dfa3fb1" ,
"type" : "included-in"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "cc279e50-df85-4c8e-be80-6dc2eda8849c" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "cc89ecbd-3d33-4a41-bcca-001e702d18fd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dfd7cc1d-e1d8-4394-a198-97c4cab8aa67" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e64c62cf-9cd7-4a14-94ec-cdaac43ab44b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ea4c2f9c-9df1-477c-8c42-6da1118f2ac4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ebbe170d-aa74-4946-8511-9921243415a3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ed7efd4d-ce28-4a19-a8e6-c58011eb2c7a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f0589bc3-a6ae-425a-a3d5-5659bfee07f4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f4599aa0-4f85-4a32-80ea-fc39dc965945" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f4c1826f-a322-41cd-9557-562100848c84" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f63fe421-b1d1-45c0-b8a7-02cd16ff2bed" ,
"type" : "detects"
} ,
{
"dest-uuid" : "fc742192-19e3-466c-9eb5-964a97b29490" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "ff25900d-76d5-449b-a351-8824e62fc81b" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "ffeb0780-356e-4261-b036-cfb6bd234335" ,
"type" : "detects"
}
] ,
"uuid" : "c0a4a086-cc20-4e1e-b7cb-29d99dfa3fb1" ,
"value" : "Module Load"
} ,
{
"description" : "Contextual data about a malicious payload, such as compilation times, file hashes, as well as watermarks or other identifiable configuration information" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "212306d8-efa4-44c9-8c2d-ed3d2e224aa0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "34b3f738-bd64-40e5-a112-29b0542bc8bf" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7807d3a4-a885-4639-a786-c1ed41484970" ,
"type" : "detects"
} ,
{
"dest-uuid" : "93a6e38c-02a5-44d8-9035-b2e08459f31f" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "a2fdce72-04b2-409a-ac10-cc1695f4fce0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ce0687a0-e692-4b77-964a-0784a8e54ff1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e7cbc1de-1f79-48ee-abfd-da1241c65a15" ,
"type" : "detects"
} ,
{
"dest-uuid" : "edadea33-549c-4ed1-9783-8f5a5853cbdf" ,
"type" : "detects"
}
] ,
"uuid" : "93a6e38c-02a5-44d8-9035-b2e08459f31f" ,
"value" : "Malware Metadata"
} ,
{
"description" : "Contextual data about a running process, which may include information such as environment variables, image name, user/owner, etc." ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "120d5519-3098-4e1c-9191-2aa61232f073" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1365fe3b-0f50-455d-b4da-266ce31c23b0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1c4e5d32-1fe9-4116-9d9d-59e3925bd6a2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "29f1f56c-7b7a-4c14-9e39-59577ea2743c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "42e8de7b-37b2-4258-905a-6897815e58e0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "43e7dc91-05b2-474c-b9ac-2ed4fe101f4d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "67720091-eee3-4d2d-ae16-8264567f6f5b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "693cdbff-ea73-49c6-ac3f-91e7285c31d1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7385dfaf-6886-4229-9ecd-6fd678040830" ,
"type" : "detects"
} ,
{
"dest-uuid" : "824add00-99a1-4b15-9a2d-6c5683b7b497" ,
"type" : "detects"
} ,
{
"dest-uuid" : "93591901-3172-4e94-abf8-6034ab26f44a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "970a3432-3237-47ad-bcca-7d8cbb217736" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bb5a00de-e086-4859-a231-fa793f6797e2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bd5b58a4-a52d-4a29-bc0d-3f1d3968eb6b" ,
"type" : "detects"
} ,
2024-11-28 16:56:25 +00:00
{
"dest-uuid" : "cc279e50-df85-4c8e-be80-6dc2eda8849c" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "dcaa092b-7de9-4a21-977f-7fcb77e89c48" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ee575f4a-2d4f-48f6-b18b-89067760adc1" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "f4599aa0-4f85-4a32-80ea-fc39dc965945" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f5946b5e-9408-485f-a7f7-b5efc88909b6" ,
"type" : "detects"
2024-11-28 16:56:25 +00:00
} ,
{
"dest-uuid" : "ff25900d-76d5-449b-a351-8824e62fc81b" ,
"type" : "detects"
2024-01-12 16:08:06 +00:00
}
] ,
"uuid" : "ee575f4a-2d4f-48f6-b18b-89067760adc1" ,
"value" : "Process Metadata"
} ,
{
"description" : "Contextual data about a pod and activity around it such as name, ID, namespace, or status" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "c0edd522-0aef-46b3-8efa-2bd334ce4242" ,
"type" : "included-in"
}
] ,
"uuid" : "c0edd522-0aef-46b3-8efa-2bd334ce4242" ,
"value" : "Pod Metadata"
} ,
{
"description" : "Changes made to a process, or its contents, typically to write and/or execute code in the memory of the target process (ex: Sysmon EID 8)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "3d333250-30e4-4a82-9edc-756c68afc529" ,
"type" : "detects"
} ,
{
"dest-uuid" : "41d9846c-f6af-4302-a654-24bba2729bc6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "43e7dc91-05b2-474c-b9ac-2ed4fe101f4d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "544b0346-29ad-41e1-a808-501bb4193f47" ,
"type" : "detects"
} ,
{
"dest-uuid" : "562e9b64-7239-493d-80f4-2bff900d9054" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7c0f17c9-1af6-4628-9cbd-9e45482dd605" ,
"type" : "detects"
} ,
{
"dest-uuid" : "806a49c4-970d-43f9-9acc-ac0ee11e6662" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b200542e-e877-4395-875b-cf1a44537ca4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d5fca4e4-e47a-487b-873f-3d22f8865e96" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "e49ee9d2-0d98-44ef-85e5-5d3100065744" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ea016b56-ae0e-47fe-967a-cc0ad51af67f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "eb2cb5cb-ae87-4de0-8c35-da2a17aafb99" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f4599aa0-4f85-4a32-80ea-fc39dc965945" ,
"type" : "detects"
}
] ,
"uuid" : "d5fca4e4-e47a-487b-873f-3d22f8865e96" ,
"value" : "Process Modification"
} ,
{
"description" : "Changes made to a pod, including its settings and/or control data (ex: kubectl set|patch|edit)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "56e0d8b8-3e25-49dd-9050-3aa252f5aa92" ,
"type" : "detects"
} ,
{
"dest-uuid" : "672b2ebd-4310-4efe-bf03-7ab005298a74" ,
"type" : "included-in"
}
] ,
"uuid" : "672b2ebd-4310-4efe-bf03-7ab005298a74" ,
"value" : "Pod Modification"
} ,
{
"description" : "Contextual data about an Internet-facing resource gathered from a scan, such as running services or ports" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "0458aab9-ad42-4eac-9e22-706a95bafee2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1067aa74-5796-4d9b-b4f1-a4c9eb6fd9da" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "39cc9f64-cf74-4a48-a4d8-fe98c54a02e0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "60c4b628-4807-4b0b-bbf5-fdac8643c337" ,
"type" : "detects"
} ,
{
"dest-uuid" : "79da0971-3147-4af6-a4f5-e8cd447cd795" ,
"type" : "detects"
} ,
{
"dest-uuid" : "7e3beebd-8bfe-4e7b-a892-e44ab06a75f9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e196b5c5-8118-4a1c-ab8a-936586ce3db5" ,
"type" : "detects"
2024-04-24 06:19:40 +00:00
} ,
{
"dest-uuid" : "eb897572-8979-4242-a089-56f294f4c91d" ,
"type" : "detects"
2024-01-12 16:08:06 +00:00
}
] ,
"uuid" : "1067aa74-5796-4d9b-b4f1-a4c9eb6fd9da" ,
"value" : "Response Metadata"
} ,
{
"description" : "Contextual data about a snapshot, which may include information such as ID, type, and status" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "144e007b-e638-431d-a894-45d90c54ab90" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8bc66f94-54a9-4be4-bdd1-fe90df643774" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "d4bdbdea-eaec-4071-b4f9-5105e12ea4b6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ed2e45f9-d338-4eb2-8ce5-3a2e03323bc1" ,
"type" : "detects"
}
] ,
"uuid" : "8bc66f94-54a9-4be4-bdd1-fe90df643774" ,
"value" : "Snapshot Metadata"
} ,
{
"description" : "Contextual data about a service/daemon, which may include information such as name, service executable, start type, etc." ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "20fb2507-d71c-455d-9b6d-6104461cf26b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3d333250-30e4-4a82-9edc-756c68afc529" ,
"type" : "detects"
} ,
{
"dest-uuid" : "42e8de7b-37b2-4258-905a-6897815e58e0" ,
"type" : "detects"
} ,
{
"dest-uuid" : "60d0c01d-e2bf-49dd-a453-f8a9c9fa6f65" ,
"type" : "detects"
} ,
{
"dest-uuid" : "70d81154-b187-45f9-8ec5-295d01255979" ,
"type" : "detects"
} ,
{
"dest-uuid" : "74fa567d-bc90-425c-8a41-3c703abb221c" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "7bdca9d5-d500-4d7d-8c52-5fd47baf4c0c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9e8b28c9-35fe-48ac-a14d-e6cc032dcbcd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ac08589e-ee59-4935-8667-d845e38fe579" ,
"type" : "detects"
} ,
{
"dest-uuid" : "aedfca76-3b30-4866-b2aa-0f1d7fd1e4b6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c8e87b83-edbb-48d4-9295-4974897525b7" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f5d8eed6-48a9-4cdf-a3d7-d1ffa99c3d2a" ,
"type" : "detects"
}
] ,
"uuid" : "74fa567d-bc90-425c-8a41-3c703abb221c" ,
"value" : "Service Metadata"
} ,
{
"description" : "Established, compromised, or otherwise acquired social media personas" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "274770e0-2612-4ccf-a678-ef8e7bad365d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "81033c3b-16a4-46e4-8fed-9b030dd03c4a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "8fb2f315-1aca-4cef-ae0d-8105e1f95985" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "b1ccd744-3f78-4a0e-9bb2-2002057f7928" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cdfc5f0a-9bb9-4352-b896-553cfa2d8fd8" ,
"type" : "detects"
}
] ,
"uuid" : "8fb2f315-1aca-4cef-ae0d-8105e1f95985" ,
"value" : "Social Media"
} ,
{
"description" : "Changes made to a snapshop, such as metadata and control data (ex: AWS modify-snapshot-attribute)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "144e007b-e638-431d-a894-45d90c54ab90" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d4bdbdea-eaec-4071-b4f9-5105e12ea4b6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f1eb6ea9-f3ab-414f-af35-2d5427199984" ,
"type" : "included-in"
}
] ,
"uuid" : "f1eb6ea9-f3ab-414f-af35-2d5427199984" ,
"value" : "Snapshot Modification"
} ,
{
"description" : "Changes made to a service/daemon, such as changes to name, description, and/or start type (ex: Windows EID 7040 or /var/log daemon logs)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "106c0cf6-bf73-4601-9aa8-0945c2715ec5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "17cc750b-e95b-4d7d-9dde-49e0de24148c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2959d63f-73fd-46a1-abd2-109d7dcede32" ,
"type" : "detects"
} ,
{
"dest-uuid" : "573ad264-1371-4ae0-8482-d2673b719dba" ,
"type" : "detects"
} ,
{
"dest-uuid" : "66531bc6-a509-4868-8314-4d599e91d222" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "d10cbd34-42e3-45c0-84d2-535a09849584" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dfefe2ed-4389-4318-8762-f0272b350a1b" ,
"type" : "detects"
}
] ,
"uuid" : "66531bc6-a509-4868-8314-4d599e91d222" ,
"value" : "Service Modification"
} ,
{
"description" : "Contextual data about a cloud volume and activity around it, such as id, type, state, and size" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "0f72bf50-35b3-419d-ab95-70f9b6a818dd" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "144e007b-e638-431d-a894-45d90c54ab90" ,
"type" : "detects"
}
] ,
"uuid" : "0f72bf50-35b3-419d-ab95-70f9b6a818dd" ,
"value" : "Volume Metadata"
} ,
{
"description" : "Changes made to a cloud volume, including its settings and control data (ex: AWS modify-volume)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "144e007b-e638-431d-a894-45d90c54ab90" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4a5b7ade-8bb5-4853-84ed-23f262002665" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d46272ce-a0fe-4256-855e-738de7bb63ee" ,
"type" : "included-in"
}
] ,
"uuid" : "d46272ce-a0fe-4256-855e-738de7bb63ee" ,
"value" : "Volume Modification"
} ,
{
"description" : "Notifications generated by the OS" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "114fed8b-7eed-4136-8b9c-411c5c7fff4b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "233fe2c0-cb41-4765-b454-e0087597fbce" ,
"type" : "detects"
} ,
{
"dest-uuid" : "351ddf79-2d3a-41b4-9bef-82ea5d3ccd69" ,
"type" : "detects"
} ,
{
"dest-uuid" : "648f8051-1a35-46d3-b1d8-3a3f5cf2cc8e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "789ef15a-34d9-4b32-a779-8cbbc9eb32f5" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9ef05e3d-52db-4c12-be4f-519214bbe91f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "bf0ff551-a5a7-40e5-bff9-f9405011b1f4" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "d2e112dc-f6d4-488d-b8df-ecbfb57a0a2d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e422b6fa-4739-46b9-992e-82f1b350c780" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ec4c4baa-026f-43e8-8f56-58c36f3162dd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f856eaab-e84a-4265-a8a2-7bf37e5dc2fc" ,
"type" : "detects"
}
] ,
"uuid" : "bf0ff551-a5a7-40e5-bff9-f9405011b1f4" ,
"value" : "System Notifications"
} ,
{
"description" : "Permissions declared in an application's manifest or property list file" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "08ea902d-ecb5-47ed-a453-2798057bb2d3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0d4e3bbb-7af5-4c88-a215-0c0906bc1e8d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1d1b1558-c833-482e-aabb-d07ef6eae63d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "28fdd23d-aee3-4afe-bc3f-5f1f52929258" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2bb20118-e6c0-41dc-a07c-283ea4dd0fb8" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3775a580-a1d1-46c4-8147-c614a715f2e9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "39dd7871-f59b-495f-a9a5-3cb8cc50c9b2" ,
"type" : "detects"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "45a5fe76-eda3-4d40-8f22-c186efd6278d" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "498e7b81-238d-404c-aa5e-332904d63286" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4c58b7c6-a839-4789-bda9-9de33e4d4512" ,
"type" : "detects"
} ,
{
"dest-uuid" : "6683aa0c-d98a-4f5b-ac57-ca7e9934a760" ,
"type" : "detects"
} ,
{
"dest-uuid" : "99e6295e-741b-4857-b6e5-64989eb039b4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9c049d7b-c92a-4733-9381-27e2bd2ccadc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9ef14445-6f35-4ed0-a042-5024f13a9242" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a8c31121-852b-46bd-9ba4-674ae5afe7ad" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a8e971b8-8dc7-4514-8249-ae95427ec467" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a9fa0d30-a8ff-45bf-922e-7720da0b7922" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ab7400b7-3476-4776-9545-ef3fa373de63" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b1c95426-2550-4621-8028-ceebf28b3a47" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b1e0bb80-23d4-44f2-b919-7e9c54898f43" ,
"type" : "included-in"
} ,
2024-04-24 06:19:40 +00:00
{
"dest-uuid" : "be63612f-a48f-44f2-a7a6-1763509fcf80" ,
"type" : "detects"
} ,
2024-01-12 16:08:06 +00:00
{
"dest-uuid" : "c6421411-ae61-42bb-9098-73fddb315002" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d446b9f0-06a9-4a8d-97ee-298cfee84f14" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d4536441-1bcc-49fa-80ae-a596ed3f7ffd" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d8940e76-f9c1-4912-bea6-e21c251370b6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e2c2249a-eb82-4614-8dd4-9c514dde65e2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e422b6fa-4739-46b9-992e-82f1b350c780" ,
"type" : "detects"
} ,
{
"dest-uuid" : "eb6cf439-1bcb-4d10-bc68-1eed844ed7b3" ,
"type" : "detects"
}
] ,
"uuid" : "b1e0bb80-23d4-44f2-b919-7e9c54898f43" ,
"value" : "Permissions Requests"
} ,
{
"description" : "System prompts triggered when an application requests new or additional permissions" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "08e22979-d320-48ed-8711-e7bf94aabb13" ,
"type" : "detects"
} ,
{
"dest-uuid" : "08ea902d-ecb5-47ed-a453-2798057bb2d3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0b761f2b-197a-40f2-b100-8152cb957c0c" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9c049d7b-c92a-4733-9381-27e2bd2ccadc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9ef14445-6f35-4ed0-a042-5024f13a9242" ,
"type" : "detects"
} ,
{
"dest-uuid" : "cf28ca46-1fd3-46b4-b1f6-ec0b72361848" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e2f72131-14d1-411f-8e8c-aa3453dd5456" ,
"type" : "included-in"
}
] ,
"uuid" : "e2f72131-14d1-411f-8e8c-aa3453dd5456" ,
"value" : "Permissions Request"
} ,
{
"description" : "Exit of a running process (ex: Sysmon EID 5 or Windows EID 4689)" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "20b0931a-8952-42ca-975f-775bad295f1a" ,
"type" : "detects"
} ,
{
"dest-uuid" : "20fb2507-d71c-455d-9b6d-6104461cf26b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "3d333250-30e4-4a82-9edc-756c68afc529" ,
"type" : "detects"
} ,
{
"dest-uuid" : "61f1d40e-f3d0-4cc6-aa2d-937b6204194f" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "ac08589e-ee59-4935-8667-d845e38fe579" ,
"type" : "detects"
}
] ,
"uuid" : "61f1d40e-f3d0-4cc6-aa2d-937b6204194f" ,
"value" : "Process Termination"
} ,
{
"description" : "Settings visible to the user on the device" ,
"meta" : {
"refs" : [ ]
} ,
"related" : [
{
"dest-uuid" : "0cdd66ad-26ac-4338-a764-4972a1e17ee3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "0d4e3bbb-7af5-4c88-a215-0c0906bc1e8d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "1d1b1558-c833-482e-aabb-d07ef6eae63d" ,
"type" : "detects"
} ,
{
"dest-uuid" : "2aa78dfd-cb6f-4c70-9408-137cfd96be49" ,
"type" : "detects"
} ,
{
"dest-uuid" : "351ddf79-2d3a-41b4-9bef-82ea5d3ccd69" ,
"type" : "detects"
} ,
{
"dest-uuid" : "39dd7871-f59b-495f-a9a5-3cb8cc50c9b2" ,
"type" : "detects"
} ,
{
"dest-uuid" : "498e7b81-238d-404c-aa5e-332904d63286" ,
"type" : "detects"
} ,
{
"dest-uuid" : "4c58b7c6-a839-4789-bda9-9de33e4d4512" ,
"type" : "detects"
} ,
{
"dest-uuid" : "56c2b384-77f8-461f-a71a-76f7888ebfb6" ,
"type" : "included-in"
} ,
{
"dest-uuid" : "6683aa0c-d98a-4f5b-ac57-ca7e9934a760" ,
"type" : "detects"
} ,
{
"dest-uuid" : "73c26732-6422-4081-8b63-6d0ae93d449e" ,
"type" : "detects"
} ,
{
"dest-uuid" : "79cb02f4-ac4e-4335-8b51-425c9573cce1" ,
"type" : "detects"
} ,
{
"dest-uuid" : "99e6295e-741b-4857-b6e5-64989eb039b4" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9c049d7b-c92a-4733-9381-27e2bd2ccadc" ,
"type" : "detects"
} ,
{
"dest-uuid" : "9ef14445-6f35-4ed0-a042-5024f13a9242" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a8c31121-852b-46bd-9ba4-674ae5afe7ad" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a8e971b8-8dc7-4514-8249-ae95427ec467" ,
"type" : "detects"
} ,
{
"dest-uuid" : "a9fa0d30-a8ff-45bf-922e-7720da0b7922" ,
"type" : "detects"
} ,
{
"dest-uuid" : "ab7400b7-3476-4776-9545-ef3fa373de63" ,
"type" : "detects"
} ,
{
"dest-uuid" : "acf8fd2a-dc98-43b4-8d37-64e10728e591" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b1c95426-2550-4621-8028-ceebf28b3a47" ,
"type" : "detects"
} ,
{
"dest-uuid" : "b327a9c0-e709-495c-aa6e-00b042136e2b" ,
"type" : "detects"
} ,
{
"dest-uuid" : "c6421411-ae61-42bb-9098-73fddb315002" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d1f1337e-aea7-454c-86bd-482a98ffaf62" ,
"type" : "detects"
} ,
{
"dest-uuid" : "d8940e76-f9c1-4912-bea6-e21c251370b6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "dc01774a-d1c1-45fb-b506-0a5d1d6593d9" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86" ,
"type" : "detects"
} ,
{
"dest-uuid" : "e422b6fa-4739-46b9-992e-82f1b350c780" ,
"type" : "detects"
} ,
{
"dest-uuid" : "eb6cf439-1bcb-4d10-bc68-1eed844ed7b3" ,
"type" : "detects"
} ,
{
"dest-uuid" : "f05fc151-aa62-47e3-ae57-2d1b23d64bf6" ,
"type" : "detects"
} ,
{
"dest-uuid" : "fc53309d-ebd5-4573-9242-57024ebdad4f" ,
"type" : "detects"
} ,
{
"dest-uuid" : "fcb11f06-ce0e-490b-bcc1-04a1623579f0" ,
"type" : "detects"
}
] ,
"uuid" : "56c2b384-77f8-461f-a71a-76f7888ebfb6" ,
"value" : "System Settings"
}
] ,
2024-11-28 16:56:25 +00:00
"version" : 3
2024-01-12 16:08:06 +00:00
}