HIGH 'Command-line arguments match Mimikatz execution' along with 1 other issue
NEW
ID: #1713
|
Created: 2026-01-15 14:05:09
2
Alerts
1
Hosts
2
Files
0
Network
Incident Overview
'Command-line arguments match Mimikatz execution' along with 1 other issue generated by XDR BIOC and XDR Agent detected on host desktop-fnumv3u involving user desktop-fnumv3u\user
2
2026-01-15 14:06
Unassigned
XDR BIOC, XDR Agent
Malware
Credential Access
Affected Hosts & Users
desktop-fnumv3u\user
MITRE ATT&CK Mapping
File Artifacts
2
Network Artifacts
0
No network artifacts found for this incident
Process Artifacts
2
| Process | Command Line | Parent Process | User |
|---|---|---|---|
| python.exe |
"python" mega_incident_generator.py --fast --rounds 1
|
cmd.exe | DESKTOP-FNUMV3U\User |
| python.exe |
"python" mega_incident_generator.py --fast --rounds 1
|
cmd.exe | DESKTOP-FNUMV3U\User |
Registry Artifacts
0
No registry artifacts found for this incident
Analyst Verdict
HIGH
- Isolate affected endpoints
- Investigate all related alerts
- Document findings
Summary
2
Alerts
1
Hosts
2
Files
0
Network
Alert Categories
Malware
Credential Access
Timeline
01-15 14:06:22
Incident Modified
Status or details updated
01-15 14:05:09
Incident Created
#1713 - 'Command-line arguments match Mimikatz execution' along with 1 other issue
01-15 14:05:09
python.exe
Verdict: Unknown
01-15 14:05:09
cmd.exe
Verdict: Unknown
01-15 14:05:00
Command-line arguments match Mimikatz execution
high - Detected
01-15 14:04:59
Suspicious Process Creation
medium - Prevented (Blocked)