security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

Update silenttrinity_stager_msbuild_activity.yml

Browse Source
This commit is contained in:
S.kiran kumar
2020-10-26 14:13:33 +05:30
committed by GitHub
parent 630365cb4b
commit 708fe7f8fa
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
rules/windows/sysmon/silenttrinity_stager_msbuild_activity.yml
+1 -1
View File
@@ -19,7 +19,7 @@ detection:
- '443'
Initiated: 'true'
filter:
ParentImage|endswith: '*\msbuild.exe'
ParentImage|endswith: '\msbuild.exe'
condition: selection and filter
falsepositives:
- unknown