#31085 Threat | P1 | SentinelOne Unmitigated Malicious Threat @ Artichoke Consulting - MSP Free

New-Blumira Created Dec 30, 2024, 7:21 AM
System (internal) Dec 30, 2024, 7:21 AM
Created from Lead: https://artichoke.shield.syncromsp.com/leads/29608669/convert
Check-in (internal) Dec 30, 2024, 7:21 AM

Blumira has detected SentinelOne Unmitigated Malicious Threat for Artichoke Consulting - MSP Free on 2024-12-30 12:20AM MST and triggered action Create Priority 1 Threat for Responders.

Analysis:

SentinelOne has alerted on a Ransomware threat on AC-WINtop, with the logged-in user artichoke, for activity related to powershell.exe (interactive session).

The threat detection details include:

Process started from shortcut file, Identified attempt to access a raw volume, Indirect command was executed, and 4 others

Finding ID: F-24-53-EAC3

Finding Data Source: SentinelOne Activities

[Learn More](https://app.blumira.com/6d44dca3-0d61-456b-9eef-18981f6fb2fc/query/findings/eac3169d-a5ce-42cc-bcd0-09f02566ab23)

Ticket Automation (internal) Dec 30, 2024, 7:21 AM
Automation Blumira ran on this ticket. Actions: Change Status to New-Blumira