CMD Shell Reconnaissance Commands APT-3 Style
Detects cmd.exe executions with system enumeration commands associated with APT-3 group, including whoami, net user, ipconfig, systeminfo, and nltest for domain trust reconnaissance.
Detects cmd.exe executions with system enumeration commands associated with APT-3 group, including whoami, net user, ipconfig, systeminfo, and nltest for domain trust reconnaissance.