{"version":"1.0","title":"LetsDefend level 1 alert SOC107 - Privilege Escalation Detected event-id 19","html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fzarat.hatenablog.com%2Fentry%2F2022%2F04%2F07%2F202139\" title=\"LetsDefend level 1 alert SOC107 - Privilege Escalation Detected event-id 19 - 4ensiX\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","published":"2022-04-07 20:21:39","blog_url":"https://zarat.hatenablog.com/","url":"https://zarat.hatenablog.com/entry/2022/04/07/202139","provider_url":"https://hatena.blog","author_url":"https://blog.hatena.ne.jp/Zarat/","width":"100%","author_name":"Zarat","blog_title":"4ensiX","type":"rich","image_url":"https://cdn-ak.f.st-hatena.com/images/fotolife/Z/Zarat/20220407/20220407201806.png","description":"Details playbook Define Threat Indicator Check if the malware is quarantined/cleaned Analyze Malware creditcard -> 27e56f0f4bbb933a9ef25e0e0c2a4aaae578bdc2623e6bcdf664834e4ce60c9d Check If Someone Requested the C2 Add Artifacts End Details EventID: 19 Event Time: Sept. 22, 2020, 3:40 p.m. Rule: SOC1\u2026","categories":["LetsDefend","Malware"],"height":"190","provider_name":"Hatena Blog"}