security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Merge fixes for Rules

Browse Source
This commit is contained in:
Hasan
2021-06-16 10:45:20 +05:00
parent fabcb6c3c6 415ced0023
commit 33fcfd71bb
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
rules/windows/registry_event/sysmon_taskcache_entry.yml
+2 -2
View File
@@ -3,7 +3,7 @@ id: 4720b7df-40c3-48fd-bbdf-fd4b3c464f0d
description: Monitor the creation of a new key under 'TaskCache' when a new scheduled task is registered
tags:
- attack.persistence
- attack..t1053
- attack.t1053
- attack.t1053.005
date: 2021/06/18
references:
@@ -18,4 +18,4 @@ logsource:
detection:
selection:
TargetObject|contains: 'SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\'
condition: selection
condition: selection