logo

Knowledge Base

Access official resources from Carbon Black experts

Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Cb ThreatHunter: How to search for processes with name changes

Cb ThreatHunter: How to search for processes with name changes

Environment

  • Carbon Black ThreatHunter PSC Console: All Versions

Objective

How to find processes with possible name changes

Resolution

In the Investigate page use the search parameter "process_file_description" 
process_file_description:notepad

 

Additional Notes

The process_file_description searches from the resource file of the process executable.

Was this article helpful? Yes No
No ratings
Article Information
Author:
CB_Support
Creation Date:
‎12-11-2018
Views:
735
Contributors
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.