Back to list

Medium CINC-20251221-609F4FF7 new

Aggregate ID: aggind:47186ef241ea495885522e5d4930eda3:9220225693

Incident ID CINC-20251221-609F4FF7

Severity Medium (70)

Status new

Alert Count 5

Host Count 1

First Seen 2025-12-22 07:20:11

Last Seen 2025-12-22 07:20:40

Duration 0d 0h 0m

Created 2025-12-22 08:36

Updated 2026-01-13 15:14

Rec... Ini... Exe... Per... Pri... Def... Cre... Dis... Lat... Col... Com... Exf... Imp...

Observed Tactics:

Techniques:

Severity	Status	Hostname	Description	Tactic	Command Line	Time
High	new	TEAHEE	Adversaries may establish persistence and elevate privileges by using an installer to trigger the execution of malicious content. Please review the installer package and any pre- or post-install actions.	Persistence	msiexec /q /i http://127.0.0.1/test.msi	12-22 07:20
High	new	TEAHEE	Adversaries may establish persistence and elevate privileges by using an installer to trigger the execution of malicious content. Please review the installer package and any pre- or post-install actions.	Persistence	msiexec /q /i http://127.0.0.1/test.msi	12-22 07:20
High	new	TEAHEE	Adversaries may establish persistence and elevate privileges by using an installer to trigger the execution of malicious content. Please review the installer package and any pre- or post-install actions.	Persistence	msiexec /q /i http://127.0.0.1/test.msi	12-22 07:20
High	new	TEAHEE	Adversaries may establish persistence and elevate privileges by using an installer to trigger the execution of malicious content. Please review the installer package and any pre- or post-install actions.	Persistence	msiexec /q /i http://127.0.0.1/test.msi	12-22 07:20
High	new	TEAHEE	Adversaries may establish persistence and elevate privileges by using an installer to trigger the execution of malicious content. Please review the installer package and any pre- or post-install actions.	Persistence	msiexec /q /i http://127.0.0.1/test.msi	12-22 07:20