Back to list

Low CINC-20251221-9830757E new

Aggregate ID: aggind:47186ef241ea495885522e5d4930eda3:9170823450

Incident Overview

Incident ID CINC-20251221-9830757E
Severity Low (50)
Status new
Alert Count 1
Host Count 1

Timeline

First Seen 2025-12-22 05:10:18
Last Seen 2025-12-22 05:10:18
Duration 0d 0h 0m
Created 2025-12-22 08:36
Updated 2026-01-13 15:14

Kill Chain Analysis

Rec... Ini... Exe... Per... Pri... Def... Cre... Dis... Lat... Col... Com... Exf... Imp...
Observed Tactics:
Defense Evasion
Techniques:
Rundll32

Affected Hosts (1)

TEAHEE

Related Alerts (1)

Severity Status Hostname Description Tactic Command Line Time
Medium new TEAHEE JavaScript was executed from the command line via rundll32.exe (rundll32.exe was launched from the command line and included the "javascript:" argument). Defense Evasion rundll32 javascript:"\..\mshtml,RunHTMLApplication";alert(1) 12-22 05:10