valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-08 10:13:57 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #316 from megan201296/patch-19

Browse Source 
Update win_mal_ursnif.yml
This commit is contained in:
Florian Roth 2019-04-14 23:10:16 +02:00 committed by GitHub
commit cb0a87e21e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
rules/windows/malware/win_mal_ursnif.yml
View File

@ -15,7 +15,7 @@ logsource:
detection:
selection:
EventID: 13
TargetObject: 'HKU\Software\AppDataLow\Software\Microsoft\\*'
TargetObject: '*\Software\AppDataLow\Software\Microsoft\\*'
condition: selection
falsepositives:
- Unknown