Tag

Remote-File-Execution

1 brief RSS

Potential Remote File Execution via MSIEXEC

The rule detects the execution of the built-in Windows Installer, msiexec.exe, to install a remote package potentially abused by adversaries for initial access and defense evasion.

Windows Installer msiexec remote-file-execution initial-access defense-evasion windows

2r 3t 8h ago