Stopping processes using net stop

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

↑ Back to Content Index

---

This query checks for attempts to stop at least 10 separate processes using the net stop command. Run query

Attribute	Value
Type	Hunting Query
Solution	GitHub Only
ID	70c0b10a-3596-4903-baf2-60b5d453bf8c
Tactics	Ransomware
Required Connectors	MicrosoftThreatProtection
Source	[View on GitHub](https://github.com/Azure/Azure-Sentinel/blob/master/Hunting Queries/Microsoft%20365%20Defender/Ransomware/Stopping%20processes%20using%20net%20stop.yaml)

---

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

↑ Back to Hunting Queries