Tag
This detection identifies the creation of new Windows services with suspicious command values, often used for privilege escalation and persistence by malicious actors.