Detection Events

Real-time detection events from Falcon Event Stream

224,601

Total Detections

Today

200

Critical (4+)

High (3)

Detection Events 200

Time	Severity	Tactic/Technique	File
12-22 08:15:53	Informational	Execution `User Execution`	MegaGenerator.exe
12-22 08:15:53	Informational	Execution `User Execution`	MegaGenerator.exe
12-22 08:15:53	Informational	Execution `User Execution`	MegaGenerator.exe
12-22 08:15:53	Informational	Execution `User Execution`	MegaGenerator.exe
12-22 08:15:53	Informational	Execution `User Execution`	MegaGenerator.exe
12-22 08:15:53	Informational	Execution `User Execution`	MegaGenerator.exe
12-22 08:15:53	Informational	Execution `User Execution`	MegaGenerator.exe
12-22 08:15:53	Informational	Execution `User Execution`	MegaGenerator.exe
12-22 08:15:49	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:49	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:49	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:49	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:49	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:49	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:49	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:49	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:44	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:15:44	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:15:44	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:15:44	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:15:44	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:15:44	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:15:44	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:15:44	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:15:39	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:15:39	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:39	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:15:39	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:39	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:15:39	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:39	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:39	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:15:39	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:39	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:15:39	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:39	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:15:39	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:39	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:15:39	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:39	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:15:38	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:38	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:38	High	Defense Evasion `BITS Jobs`	bitsadmin.exe
12-22 08:15:38	High	Defense Evasion `BITS Jobs`	bitsadmin.exe
12-22 08:15:38	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:38	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:38	High	Defense Evasion `BITS Jobs`	bitsadmin.exe
12-22 08:15:38	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:38	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:38	High	Defense Evasion `BITS Jobs`	bitsadmin.exe
12-22 08:15:38	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:38	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:38	High	Defense Evasion `BITS Jobs`	bitsadmin.exe
12-22 08:15:38	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:38	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:38	High	Defense Evasion `BITS Jobs`	bitsadmin.exe
12-22 08:15:38	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:38	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:38	High	Defense Evasion `BITS Jobs`	bitsadmin.exe
12-22 08:15:38	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:38	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:38	High	Defense Evasion `BITS Jobs`	bitsadmin.exe
12-22 08:15:38	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:15:38	High	Persistence `Event Triggered Execution`	msiexec.exe
12-22 08:12:19	Informational	Execution `User Execution`	MegaGenerator.exe
12-22 08:12:19	Informational	Execution `User Execution`	MegaGenerator.exe
12-22 08:12:19	Informational	Execution `User Execution`	MegaGenerator.exe
12-22 08:12:19	Informational	Execution `User Execution`	MegaGenerator.exe
12-22 08:12:19	Informational	Execution `User Execution`	MegaGenerator.exe
12-22 08:12:19	Informational	Execution `User Execution`	MegaGenerator.exe
12-22 08:12:19	Informational	Execution `User Execution`	MegaGenerator.exe
12-22 08:12:19	Informational	Execution `User Execution`	MegaGenerator.exe
12-22 08:12:19	Informational	Execution `User Execution`	MegaGenerator.exe
12-22 08:12:16	High	Command and Control `Ingress Tool Transfer`	certutil.exe
12-22 08:12:16	High	Command and Control `Ingress Tool Transfer`	certutil.exe
12-22 08:12:16	High	Command and Control `Ingress Tool Transfer`	certutil.exe
12-22 08:12:16	High	Command and Control `Ingress Tool Transfer`	certutil.exe
12-22 08:12:16	High	Command and Control `Ingress Tool Transfer`	certutil.exe
12-22 08:12:16	High	Command and Control `Ingress Tool Transfer`	certutil.exe
12-22 08:12:16	High	Command and Control `Ingress Tool Transfer`	certutil.exe
12-22 08:12:16	High	Command and Control `Ingress Tool Transfer`	certutil.exe
12-22 08:12:16	High	Command and Control `Ingress Tool Transfer`	certutil.exe
12-22 08:12:14	High	Defense Evasion `BITS Jobs`	bitsadmin.exe
12-22 08:12:14	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:12:14	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:12:14	High	Defense Evasion `BITS Jobs`	bitsadmin.exe
12-22 08:12:14	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:12:14	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:12:14	High	Defense Evasion `BITS Jobs`	bitsadmin.exe
12-22 08:12:14	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:12:14	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:12:14	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:12:14	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:12:14	High	Defense Evasion `BITS Jobs`	bitsadmin.exe
12-22 08:12:14	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:12:14	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:12:14	High	Defense Evasion `BITS Jobs`	bitsadmin.exe
12-22 08:12:14	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:12:14	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:12:14	High	Defense Evasion `BITS Jobs`	bitsadmin.exe
12-22 08:12:14	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:12:14	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:12:14	High	Defense Evasion `BITS Jobs`	bitsadmin.exe
12-22 08:12:14	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:12:14	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:12:14	High	Defense Evasion `BITS Jobs`	bitsadmin.exe
12-22 08:12:14	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:12:14	Critical	Credential Access `OS Credential Dumping`	reg.exe
12-22 08:12:14	High	Defense Evasion `BITS Jobs`	bitsadmin.exe
12-22 08:12:08	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:12:08	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:12:08	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:12:08	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:12:08	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:12:08	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:12:08	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:12:08	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:12:08	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:07:45	Informational	Execution `User Execution`	conhost.exe
12-22 08:07:45	Informational	Execution `User Execution`	powershell.exe
12-22 08:07:45	Informational	Execution `User Execution`	conhost.exe
12-22 08:07:45	Informational	Execution `User Execution`	powershell.exe
12-22 08:07:45	Informational	Execution `User Execution`	conhost.exe
12-22 08:07:45	Informational	Execution `User Execution`	powershell.exe
12-22 08:07:45	Informational	Execution `User Execution`	powershell.exe
12-22 08:07:45	Informational	Execution `User Execution`	conhost.exe
12-22 08:07:45	Informational	Execution `User Execution`	powershell.exe
12-22 08:07:45	Informational	Execution `User Execution`	conhost.exe
12-22 08:07:45	Informational	Execution `User Execution`	powershell.exe
12-22 08:07:45	Informational	Execution `User Execution`	conhost.exe
12-22 08:07:45	Informational	Execution `User Execution`	powershell.exe
12-22 08:07:45	Informational	Execution `User Execution`	conhost.exe
12-22 08:07:45	Informational	Execution `User Execution`	powershell.exe
12-22 08:07:45	Informational	Execution `User Execution`	conhost.exe
12-22 08:07:45	Informational	Execution `User Execution`	powershell.exe
12-22 08:07:45	Informational	Execution `User Execution`	conhost.exe
12-22 08:06:06	High	Credential Access `OS Credential Dumping`	powershell.exe
12-22 08:06:06	High	Credential Access `OS Credential Dumping`	powershell.exe
12-22 08:06:06	High	Credential Access `OS Credential Dumping`	powershell.exe
12-22 08:06:06	High	Credential Access `OS Credential Dumping`	powershell.exe
12-22 08:06:06	High	Credential Access `OS Credential Dumping`	powershell.exe
12-22 08:06:06	High	Credential Access `OS Credential Dumping`	powershell.exe
12-22 08:06:06	High	Credential Access `OS Credential Dumping`	powershell.exe
12-22 08:06:06	High	Credential Access `OS Credential Dumping`	powershell.exe
12-22 08:06:06	High	Credential Access `OS Credential Dumping`	powershell.exe
12-22 08:06:06	High	Credential Access `OS Credential Dumping`	powershell.exe
12-22 08:06:06	High	Credential Access `OS Credential Dumping`	powershell.exe
12-22 08:06:06	High	Credential Access `OS Credential Dumping`	powershell.exe
12-22 08:06:06	High	Credential Access `OS Credential Dumping`	powershell.exe
12-22 08:06:06	High	Credential Access `OS Credential Dumping`	powershell.exe
12-22 08:06:06	High	Credential Access `OS Credential Dumping`	powershell.exe
12-22 08:06:06	High	Credential Access `OS Credential Dumping`	powershell.exe
12-22 08:06:06	High	Credential Access `OS Credential Dumping`	powershell.exe
12-22 08:06:06	High	Credential Access `OS Credential Dumping`	powershell.exe
12-22 08:02:41	Informational	Execution `User Execution`	python.exe
12-22 08:02:41	Informational	Execution `User Execution`	python.exe
12-22 08:02:41	Informational	Execution `User Execution`	python.exe
12-22 08:02:41	Informational	Execution `User Execution`	python.exe
12-22 08:02:41	Informational	Execution `User Execution`	python.exe
12-22 08:02:41	Informational	Execution `User Execution`	python.exe
12-22 08:02:41	Informational	Execution `User Execution`	python.exe
12-22 08:02:41	Informational	Execution `User Execution`	python.exe
12-22 08:02:41	Informational	Execution `User Execution`	python.exe
12-22 08:02:39	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:02:39	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:02:39	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:02:39	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:02:39	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:02:39	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:02:39	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:02:39	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:02:39	High	Defense Evasion `Regsvr32`	regsvr32.exe
12-22 08:02:37	High	Defense Evasion `CMSTP`	cmstp.exe
12-22 08:02:37	High	Defense Evasion `CMSTP`	cmstp.exe
12-22 08:02:37	High	Defense Evasion `CMSTP`	cmstp.exe
12-22 08:02:37	High	Defense Evasion `CMSTP`	cmstp.exe
12-22 08:02:37	High	Defense Evasion `CMSTP`	cmstp.exe
12-22 08:02:37	High	Defense Evasion `CMSTP`	cmstp.exe
12-22 08:02:37	High	Defense Evasion `CMSTP`	cmstp.exe
12-22 08:02:37	High	Defense Evasion `CMSTP`	cmstp.exe
12-22 08:02:37	High	Defense Evasion `CMSTP`	cmstp.exe
12-22 08:02:25	High	Execution `PowerShell`	cmd.exe
12-22 08:02:25	High	Execution `PowerShell`	cmd.exe
12-22 08:02:25	High	Execution `PowerShell`	cmd.exe
12-22 08:02:25	High	Execution `PowerShell`	cmd.exe
12-22 08:02:25	High	Execution `PowerShell`	cmd.exe
12-22 08:02:25	High	Execution `PowerShell`	cmd.exe
12-22 08:02:25	High	Execution `PowerShell`	cmd.exe
12-22 08:02:25	High	Execution `PowerShell`	cmd.exe
12-22 08:02:25	High	Execution `PowerShell`	cmd.exe
12-22 08:02:23	High	Execution `PowerShell`	cmd.exe
12-22 08:02:23	High	Defense Evasion `BITS Jobs`	bitsadmin.exe
12-22 08:02:23	High	Execution `PowerShell`	cmd.exe
12-22 08:02:23	High	Defense Evasion `BITS Jobs`	bitsadmin.exe
12-22 08:02:23	High	Execution `PowerShell`	cmd.exe
12-22 08:02:23	High	Defense Evasion `BITS Jobs`	bitsadmin.exe
12-22 08:02:23	High	Execution `PowerShell`	cmd.exe
12-22 08:02:23	High	Defense Evasion `BITS Jobs`	bitsadmin.exe
12-22 08:02:23	High	Execution `PowerShell`	cmd.exe
12-22 08:02:23	High	Defense Evasion `BITS Jobs`	bitsadmin.exe