SigmaHQ/rules/windows/malware
Arnim Rupp d5de3fe5f9 more AV event and suspicious commands
some of the AV events are duplicates to win_av_relevant_match.yml, should we clean that up or include the strings in both?
2021-01-07 17:54:19 +01:00
av_exploiting.yml Merge pull request #492 from booberry46/master 2020-01-30 14:27:30 +01:00
av_password_dumper.yml more AV event and suspicious commands 2021-01-07 17:54:19 +01:00
av_relevant_files.yml Add scriptlets 2019-11-14 22:26:22 +01:00
av_webshell.yml more AV event and suspicious commands 2021-01-07 17:54:19 +01:00
mal_azorult_reg.yml Changed level to critical 2020-05-11 10:40:23 +02:00
win_mal_blue_mockingbird.yml fix: condition location 2020-05-15 12:06:34 +02:00
win_mal_flowcloud.yml Fix rules with incorrect escaping of wildcards 2020-06-15 13:38:18 -04:00
win_mal_octopus_scanner.yml Further subtechnique updates 2020-06-17 11:31:40 -06:00
win_mal_ryuk.yml Added UUIDs to rules 2019-11-12 23:12:27 +01:00
win_mal_ursnif.yml Added UUIDs to rules 2019-11-12 23:12:27 +01:00