by morphicpro on 1/31/24, 5:28 PM with 1 comments
by morphicpro on 1/31/24, 5:28 PM
``` Some of the built-in tools this actor uses are: wmic, ntdsutil, netsh, and PowerShell. The advisory provides examples of the actor’s commands along with detection signatures to aid network defenders in hunting for this activity. ```