valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-07 01:45:21 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #1994 from austinsonger/sysmon_mal_cobaltstrike_re.yml

Browse Source 
Update sysmon_mal_cobaltstrike_re.yml
This commit is contained in:
frack113 2021-09-05 09:20:22 +02:00 committed by GitHub
commit 254b43f17f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
rules/windows/pipe_created/sysmon_mal_cobaltstrike_re.yml
View File

@ -6,7 +6,7 @@ references:
- https://svch0st.medium.com/guide-to-named-pipes-and-hunting-for-cobalt-strike-pipes-dc46b2c5f575
- https://gist.github.com/MHaggis/6c600e524045a6d49c35291a21e10752
date: 2021/07/30
modifed: 2021/09/02
modified: 2021/09/02
author: Florian Roth
tags:
- attack.defense_evasion