Tag
low
advisory
Potential File Transfer via Curl for Windows
2 rules, 3 TTPs
Adversaries may abuse Curl for Windows to download files or upload data to a remote URL for command and control or exfiltration purposes.
Elastic Defend +3
command-and-control
file-transfer
windows
curl
medium
threat
Potential Lateral Tool Transfer via SMB Share
2 rules, 2 TTPs
The rule identifies the creation or change of a Windows executable file over network shares, indicating potential lateral tool transfer via SMB, which adversaries may use to move tools between systems in a compromised environment.
Elastic Defend +1
lateral-movement
smb
file-transfer
windows