The Reveal Platform
Intel Name: Suspicious sysmon as execution parent
Date of Scan: July 9, 2025
Impact: High
Summary: Detects unusual process activity where Sysmon is observed as the parent process—behavior that may indicate exploitation attempts, such as those associated with CVE-2022-41120.
