security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions 45 Packages Projects Releases Wiki Activity

fix: wrong cmdline combos

Browse Source
This commit is contained in:
Florian Roth
2021-12-08 10:11:55 +01:00
parent 33bdfd124d
commit 6cdb8fc169
1 changed files with 1 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
other/godmode_sigma_rule.yml
+1 -2
View File
@@ -56,8 +56,7 @@ detection:
- ' comsvcs.dll,#24' # Process dumping method apart from procdump
- ' comsvcs.dll MiniDump' # Process dumping method apart from procdump
- ' comsvcs.dll #24' # Process dumping method apart from procdump
- 'MiniDump full' # Process dumping method apart from procdump
- '#24 full' # Process dumping method apart from procdump
- '.dmp full' # Process dumping method apart from procdump
selection_parent_child:
ParentImage|contains:
# Office Dropper Detection