Product
This brief focuses on the detection of renamed Sysinternals ProcDump executables, a technique often employed by threat actors to evade security controls and perform credential dumping from LSASS memory on Windows systems, leading to potential lateral movement and privilege escalation.