duplicate uuid 2dbd9d3d-9e27-42a8-b8df-f13825c6c3d5

- sysmon_susp_webdav_client_execution.yml - sysmon_wdigest_enable_uselogoncredential.yml
2021-05-27 20:59:26 +02:00
parent 06a84350ae
commit 179bfa7d56
1 changed files with 2 additions and 1 deletions
@@ -1,8 +1,9 @@
 title: Wdigest Enable UseLogonCredential
-id: 2dbd9d3d-9e27-42a8-b8df-f13825c6c3d5
+id: d6a9b252-c666-4de6-8806-5561bbbd3bdc
 description: Detects potential malicious modification of the property value of UseLogonCredential from HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\WDigest to enable clear-text credentials
 status: experimental
 date: 2019/09/12
+modified: 2021/05/27
 author: Roberto Rodriguez (Cyb3rWard0g), OTR (Open Threat Research)
 tags:
    - attack.defense_evasion