Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
This query was originally published in the threat analytics report, Solorigate supply chain attack. Please note that these attacks are currently known as the Nobelium campaign. Microsoft detects the 2020 SolarWinds supply chain attack implant and its other components as part of a campaign by the Nobelium activity group. Nobelium is the threat actor behind the attack against SolarWinds, which was previously referred to as Solorigate. Nobelium silently added malicious code to legitimate software u
| Attribute | Value |
|---|---|
| Type | Hunting Query |
| Solution | GitHub Only |
| ID | fd25665b-9376-4c38-b046-76757eff0e40 |
| Tactics | Execution, Defense evasion |
| Required Connectors | MicrosoftThreatProtection |
| Source | [View on GitHub](https://github.com/Azure/Azure-Sentinel/blob/master/Hunting Queries/Microsoft%20365%20Defender/Campaigns/launching-base64-powershell%5BNobelium%5D.yaml) |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊