Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
This query was originally published in the threat analytics report, ironSource PUA & unwanted apps impact millions. IronSource provides software bundling tools for many popular legitimate apps, such as FileZilla. However, some of ironSource's bundling tools are considered PUA, because they exhibit potentially unwanted behavior. One component of these tools, detected by Microsoft as Prifou, silently transmits system information from the user. It also installs an outdated version of Chromium brows
| Attribute | Value |
|---|---|
| Type | Hunting Query |
| Solution | GitHub Only |
| ID | 62bc4944-46dd-4c2f-ba04-72837bbfec3f |
| Tactics | Persistence, Malware, component |
| Required Connectors | MicrosoftThreatProtection |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
DeviceFileEvents |
✓ | ✗ | ? |
DeviceProcessEvents |
✓ | ✗ | ? |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊