sigma/Add sysmon_renamed_binary
@@ -1,6 +1,6 @@
title: Renamed Binary
status: experimental
description: Detects the execution of a renamed binary often used by attackers or malware leveraging new
description: Detects the execution of a renamed binary often used by attackers or malware leveraging new Sysmon OriginalFileName datapoint.
author: Matthew Green - @mgreen27
date: 2019/06/15
references:
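Review bot: the new description line is ambiguous. "often used by attackers or malware leveraging new Sysmon OriginalFileName datapoint" reads as if the malware leverages the datapoint, when it is the rule that does. Suggest separating the two clauses, for example "Detects the execution of a renamed binary, a technique often used by attackers or malware, by leveraging the Sysmon OriginalFileName datapoint." Dropping "new" would also keep the description accurate as the rule ages.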