1 rule found for "Kalambur Backdoor Curl TOR SOCKS Proxy Execution"
Detects the execution of the "curl.exe" command, referencing "SOCKS" and ".onion" domains, which could be indicative of Kalambur backdoor activity.