How to detect Microsoft Office documents spawning processes? Such as: PowerShell CMD WMI MSHTA Etc.

Hi Bill , Thanks for reaching out to the Sophos Community Forum. Sophos Intercept X will prevent many of these malicious behaviours from taking place. The following article describes some of the potential threats covered. - Exploits Explained If you wish to take a closer look into some of the detections, the following XDR Demo may also help. - Sophos XDR: Detections Pivot Demo

How to detect Microsoft Office documents spawning processes?

Bill Elkin 2 months ago

How to detect Microsoft Office documents spawning processes? Such as:

PowerShell
CMD
WMI
MSHTA
Etc.

Added TAGs
[edited by: Gladys at 4:32 PM (GMT -7) on 24 Mar 2023]

Top Replies

Qoosh 2 months ago +1 suggested

Hi Bill , Thanks for reaching out to the Sophos Community Forum. Sophos Intercept X will prevent many of these malicious behaviours from taking place. The following article describes some of the potential…

0 Qoosh 2 months ago

Hi Bill,

Thanks for reaching out to the Sophos Community Forum.

Sophos Intercept X will prevent many of these malicious behaviours from taking place. The following article describes some of the potential threats covered.
- Exploits Explained

If you wish to take a closer look into some of the detections, the following XDR Demo may also help.
- Sophos XDR: Detections Pivot Demo

Kushal Lakhan

Team Lead, Global Community Support
Connect with Sophos Support, get alerted, and be informed.
If a post solves your question, please use the "Verify Answer" button.

The New Home of Sophos Support Videos! - Visit Sophos Techvids
Cancel
Vote Up +1 Vote Down

Sign in to reply

Verify Answer

Reject Answer

Cancel