Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
This query was originally published in the threat analytics report, Operation Soft Cell. Operation Soft Cell is a series of campaigns targeting users' call logs at telecommunications providers throughout the world. These attacks date from as early as 2012. Operation Soft Cell operators have been known to run nbtscan.exe, a legitimate MS-DOS command-line tool used to discover any NETBIOS nameservers on a local or remote TCP/IP network. The following query detects any nbtscan activity on the syste
| Attribute | Value |
|---|---|
| Type | Hunting Query |
| Solution | GitHub Only |
| ID | 28ebbb87-535b-4ba0-80f4-6fbf80b7c55a |
| Tactics | Discovery |
| Required Connectors | MicrosoftThreatProtection |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
DeviceFileEvents |
✓ | ✗ | ? |
DeviceProcessEvents |
✓ | ✗ | ? |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊