MITRE ATT&CK detection coverage

← Back to main site

Home/ MITRE Matrix/ Defense Evasion/ T1218.009

T1218.009Regsvcs/Regasm

T1218.009 — Regsvcs/Regasm is a MITRE ATT&CK technique in the Defense Evasion tactic. Clankerusecase tracks 6 detection use cases covering it.

Defense Evasion

View on the matrix → Filter Detection Library MITRE official spec ↗

6Use cases

0Articles

0Sub-techniques

1Tactic

↑ Parent technique: T1218 · System Binary Proxy Execution

Use cases covering this technique (6)

Detect Regasm Spawning a Process ESCU actions · alerting P Detect Regasm with Network Connection ESCU actions · alerting P Detect Regasm with no Command Line Arguments ESCU actions · alerting P Detect Regsvcs Spawning a Process ESCU actions · alerting P Detect Regsvcs with Network Connection ESCU actions · alerting P Detect Regsvcs with No Command Line Arguments ESCU actions · alerting P