 Jonhnathan
|
28febe5dd2
|
Update win_apt_chafer_mar18.yml
|
2020-10-27 23:28:04 -03:00 |
|
|
Jonhnathan
|
0860978412
|
Update win_apt_bear_activity_gtr19.yml
|
2020-10-27 23:26:34 -03:00 |
|
|
Jonhnathan
|
e24e6da3b5
|
Update win_apt_apt29_thinktanks.yml
|
2020-10-27 23:24:04 -03:00 |
|
|
Jonhnathan
|
467af2ebb5
|
Update sysmon_susp_prog_location_network_connection.yml
|
2020-10-27 22:56:32 -03:00 |
|
|
Jonhnathan
|
266109f3d8
|
Update win_mal_ryuk.yml
|
2020-10-27 22:47:41 -03:00 |
|
|
Jonhnathan
|
514f9ccd28
|
Update win_mal_ryuk.yml
|
2020-10-27 22:42:15 -03:00 |
|
|
Jonhnathan
|
187d1d3e3b
|
Update win_user_driver_loaded.yml
|
2020-10-27 22:37:50 -03:00 |
|
|
Jonhnathan
|
dbad6c637f
|
Update av_webshell.yml
|
2020-10-27 22:35:45 -03:00 |
|
|
Jonhnathan
|
0afe48a0a0
|
Update av_relevant_files.yml
|
2020-10-27 22:34:57 -03:00 |
|
|
Jonhnathan
|
95da1ec500
|
Update av_relevant_files.yml
|
2020-10-27 22:32:16 -03:00 |
|
|
Jonhnathan
|
d3c6d9df31
|
Update win_mal_ryuk.yml
|
2020-10-27 22:21:16 -03:00 |
|
|
Jonhnathan
|
98c7639db7
|
Update mal_azorult_reg.yml
|
2020-10-27 22:19:04 -03:00 |
|
|
Jonhnathan
|
8f4d6f802b
|
Update mal_azorult_reg.yml
|
2020-10-27 22:18:41 -03:00 |
|
|
Jonhnathan
|
bfb50a3d42
|
Update sysmon_susp_office_dsparse_dll_load.yml
|
2020-10-27 22:13:02 -03:00 |
|
|
Jonhnathan
|
3477866451
|
Update sysmon_susp_procexplorer_driver_created_in_tmp_folder.yml
|
2020-10-27 22:10:17 -03:00 |
|
|
Jonhnathan
|
9fd203e2a3
|
Update mal_azorult_reg.yml
|
2020-10-27 22:07:45 -03:00 |
|
|
Jonhnathan
|
ebb84486f5
|
Update sysmon_susp_adsi_cache_usage.yml
|
2020-10-27 22:04:31 -03:00 |
|
|
Jonhnathan
|
182b12614b
|
Update sysmon_quarkspw_filedump.yml
|
2020-10-27 22:02:47 -03:00 |
|
|
Jonhnathan
|
dde5b46726
|
Update win_susp_sam_dump.yml
|
2020-10-27 22:01:31 -03:00 |
|
|
Jonhnathan
|
61ccdc598d
|
Update win_susp_local_anon_logon_created.yml
|
2020-10-27 22:00:42 -03:00 |
|
|
Jonhnathan
|
3eea825898
|
Update win_net_ntlm_downgrade.yml
|
2020-10-27 21:59:49 -03:00 |
|
|
Jonhnathan
|
53ff19f167
|
Update win_mmc20_lateral_movement.yml
|
2020-10-27 21:55:17 -03:00 |
|
|
Jonhnathan
|
3f23aa56c0
|
Revert "Revert "Changed the rule to download only and not the copy""
This reverts commit 17e7eee3a6.
|
2020-10-16 11:05:51 -03:00 |
|
|
Jonhnathan
|
0734274dfa
|
Revert "Revert "Create win_susp_replace_lolbin.yml""
This reverts commit fdd9234acc.
|
2020-10-16 11:05:40 -03:00 |
|
|
Jonhnathan
|
9a5c166bb2
|
Fix filter
|
2020-10-16 07:35:59 -03:00 |
|
|
Jonhnathan
|
2332e42e4c
|
Update win_susp_copy_lateral_movement.yml
|
2020-10-15 21:01:23 -03:00 |
|
|
Jonhnathan
|
d4603d196b
|
Update win_susp_adfind.yml
|
2020-10-15 21:00:15 -03:00 |
|
|
Jonhnathan
|
fc6c727c70
|
Update powershell_malicious_commandlets.yml
|
2020-10-15 20:59:27 -03:00 |
|
|
Jonhnathan
|
1584ddf918
|
Update sysmon_susp_service_installed.yml
|
2020-10-15 20:50:42 -03:00 |
|
|
Jonhnathan
|
f4872118a2
|
Update win_powershell_dll_execution.yml
|
2020-10-15 20:38:55 -03:00 |
|
|
Jonhnathan
|
3566dd1594
|
Fix
|
2020-10-15 20:35:50 -03:00 |
|
|
Jonhnathan
|
44c909a4a4
|
Update win_apt_mustangpanda.yml
|
2020-10-15 20:33:00 -03:00 |
|
|
Jonhnathan
|
5fc348fd45
|
Fix
|
2020-10-15 20:32:16 -03:00 |
|
|
Jonhnathan
|
37ee747dfe
|
Update win_apt_chafer_mar18.yml
|
2020-10-15 20:30:52 -03:00 |
|
|
Jonhnathan
|
1fac65dad0
|
Fix
|
2020-10-15 20:29:02 -03:00 |
|
|
Jonhnathan
|
0dfacd1f63
|
Fix
|
2020-10-15 20:27:10 -03:00 |
|
|
Jonhnathan
|
9795c95a9b
|
Update av_webshell.yml
|
2020-10-15 20:25:34 -03:00 |
|
|
Jonhnathan
|
345c3c6451
|
Fix
|
2020-10-15 20:24:31 -03:00 |
|
|
Jonhnathan
|
86ade194a4
|
Fix
|
2020-10-15 20:22:56 -03:00 |
|
|
Jonhnathan
|
0666d21b06
|
Update win_dcsync.yml
|
2020-10-15 20:19:06 -03:00 |
|
|
Jonhnathan
|
d7eda3fe7e
|
Update sysmon_wmi_susp_scripting.yml
|
2020-10-15 20:15:22 -03:00 |
|
|
Jonhnathan
|
92aaeca075
|
Update sysmon_susp_powershell_rundll32.yml
|
2020-10-15 20:14:23 -03:00 |
|
|
Jonhnathan
|
26b36086c7
|
Update sysmon_cmstp_execution.yml
|
2020-10-15 20:13:39 -03:00 |
|
|
Jonhnathan
|
df81f5180d
|
Update sysmon_cactustorch.yml
|
2020-10-15 20:12:54 -03:00 |
|
|
Jonhnathan
|
457217bfc0
|
Update sysmon_win_reg_persistence.yml
|
2020-10-15 20:11:52 -03:00 |
|
|
Jonhnathan
|
229e57777a
|
Update sysmon_win_reg_persistence.yml
|
2020-10-15 20:11:37 -03:00 |
|
|
Jonhnathan
|
8a52610bf8
|
Update sysmon_uac_bypass_eventvwr.yml
|
2020-10-15 20:11:11 -03:00 |
|
|
Jonhnathan
|
6ea18efdaf
|
Update sysmon_sysinternals_eula_accepted.yml
|
2020-10-15 20:10:44 -03:00 |
|
|
Jonhnathan
|
7dfb8f0e99
|
Update sysmon_suspicious_keyboard_layout_load.yml
|
2020-10-15 20:10:21 -03:00 |
|
|
Jonhnathan
|
9c434eaf04
|
Update sysmon_susp_service_installed.yml
|
2020-10-15 20:10:06 -03:00 |
|