sigma-rules

security-tools/sigma-rules

Fork 0

Commit Graph

Author	SHA1	Message	Date
Jonhnathan	f50fb1d61b	[New Rule] Suspicious Portable Executable Encoded in Powershell Script (#1562 ) * Create execution_posh_portable_executable.toml * Add wildcard * Remove the wildcard * Update rules/windows/execution_posh_portable_executable.toml Co-authored-by: Justin Ibarra <brokensound77@users.noreply.github.com> Co-authored-by: Justin Ibarra <brokensound77@users.noreply.github.com>	2021-10-18 17:50:16 -03:00

Author

SHA1

Message

Date

Jonhnathan

f50fb1d61b

[New Rule] Suspicious Portable Executable Encoded in Powershell Script (#1562 )

* Create execution_posh_portable_executable.toml

* Add wildcard

* Remove the wildcard

* Update rules/windows/execution_posh_portable_executable.toml

Co-authored-by: Justin Ibarra <brokensound77@users.noreply.github.com>

Co-authored-by: Justin Ibarra <brokensound77@users.noreply.github.com>

2021-10-18 17:50:16 -03:00

1 Commits