Sign In
- Platform
- Solutions
- Modern NDR
- Resources
- Company
Platform
Modern NDR
Resources
Platform
Modern NDR
Resources
DETECTION OVERVIEW
Risk Factors
When a server receives an unusual file type, particularly an executable file, there is a risk that the file is malware. Once uploaded to a file share, malware can easily propagate to other devices on your network.
The system might change the risk score for this detection.
Kill Chain
Risk Score
65
After an attacker compromises a workstation, the attacker searches for new targets on the network. Ideally, the compromised workstation has credentials that provide the attacker with administrative access to a new target. With administrative access, the attacker can transfer an executable file to a default file share (such as ADMIN$ or C$) on the target. After the malicious payload from the file runs (through the actions of the attacker or the victim), the attacker can move laterally to the newly compromised device to conduct more attacks.
