你即將離開本站

並前往https://attackevals.mitre-engenuity.org/enterprise/participants/elastic/indicatorremovalonhost?adversaries=carbanak_fin7

Indicator Removal on Host (T1070) - ATT&CK® EVALUATIONS

A Technique alert detection (high severity) for "ATT&CK T1107 File Deletion" was generated when sdelete64.exe made a NtSetInformationFile API call deleting ...

確定! 回上一頁

查詢 「NtSetInformationFile」的人也找了:

  1. Fileinformationclass
    2.
  2. NtQueryInformationFile
    3.
  3. ZwSetInformationFile
    4.
  4. File_basic_information
    5.
  5. IO_STATUS_BLOCK
    6.
  6. NtCreateFile
    7.
  7. SetFileInformationByHandle
    8.
  8. NtReadVirtualMemory
    9.