Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
Malware authors will sometimes hardcode user agent string values when writing the network communication component of their malware. Malformed user agents can be an indication of such malware.
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | Standalone Content |
| ID | a357535e-f722-4afe-b375-cff362b2b376 |
| Severity | Medium |
| Kind | Scheduled |
| Tactics | InitialAccess, CommandAndControl, Execution |
| Techniques | T1189, T1071, T1203 |
| Required Connectors | WAF, Office365, AzureActiveDirectory, AzureActiveDirectory, AWS, AzureMonitor(IIS) |
| Source | View on GitHub |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊