I have trouble answering the question: “What is the name of the suspicious service?” The question is too general and I don’t know what it refers to and where to look for the answer?
Hey there - if you review the logs in Wazuh, you should be able to find an alert related to a new Windows service being started. That alert will contain the name of the service.
3 Likes
Thanks, it helped me solve the conundrum
2 Likes