Sign In
- Platform
- Solutions
- Modern NDR
- Resources
- Company
Platform
Modern NDR
Resources
Platform
Modern NDR
Resources
DETECTION OVERVIEW
Risk Factors
A victim can easily download executable files from the internet. When a victim downloads an executable file, there is a risk that the file contains malware. Attackers can leverage malware to support their operations, such as maintaining control of compromised devices, evading defenses, and running commands to achieve attack campaign objectives.
The system might change the risk score for this detection.
Kill Chain
Risk Score
60
The system detects most forms of executable files, including these file types:
JAVA-CLASS, which is affiliated with executable Java .class files
PE (Win32/64 Portable Executable), which is affiliated with Windows executable files, such as EXE and DLL file types
ELF (Executable and Linkable Format), which is affiliated with Linux executable files, shared objects, and libraries
MACH-O (Mach Object), which is affiliated with macOS and iOS executable files, object codes, and shared libraries
JAR (Java Archive), which is affiliated with Java executable programs
DMG (Disk image), which could contain macOS executable files
Quarantine the device while checking for indicators of compromise, such as malware
Configure firewalls to block inbound traffic from suspicious external hosts
Implement network segmentation, security zones, and firewall policies that limit how devices can communicate
