Injection into system process [F0413b][C] - False positives for MSTSC.EXE

IsuruSam · August 17, 2022

I have the above detection rule creating false positives and when checked, all the detections are for MSTSC.EXE. The triggering processes are mostly the browsers (chrome.exe). All the endpoints are user PCs. Is there a way to tune this rule to stop the false positives?

JamesR · August 17, 2022

Should be answered here:

Sign In

Injection into system process [F0413b][C] - False positives for MSTSC.EXE

Recommended Posts

IsuruSam 0

Link to comment

Share on other sites

JamesR 52

Link to comment

Share on other sites

Recently Browsing 0 members

Quick search

FAQ

Topics

Browse

Activity

My Activity Streams