https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_copy_dmp_from_share/
Copy .DMP/.DUMP Files From Remote Share Via Cmd.EXE | Detection.FYI
Detects usage of the copy builtin cmd command to copy files with the
https://ccm.net/computing/windows/139-how-to-delete-windows-old-folder-from-windows-10/
Delete Windows.old from Windows 10: via cmd, CCleaner
Mar 9, 2023 - Have you discovered a mysterious (and very heavy) folder called Windows.old on your PC? Although it is impossible to send it to the Recycle Bin in the...
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_stdin_redirect/
Read Contents From Stdin Via Cmd.EXE | Detection.FYI