valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-07 01:45:21 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
87ce07088f
SigmaHQ/rules/windows
History
Roberto Rodriguez 87ce07088f Update sysmon_plugx_susp_exe_locations.yml 
Duplicate rule title: https://github.com/Neo23x0/sigma/search?q=Executable+used+by+PlugX+in+Uncommon+Location&unscoped_q=Executable+used+by+PlugX+in+Uncommon+Location

This impats Elastalert integration since you cannot have two rules with the same name
2018-12-05 07:58:13 +03:00
..
builtin Update win_susp_commands_recon_activity.yml 2018-12-05 05:55:36 +03:00
malware Update av_relevant_files.yml 2018-12-05 07:53:53 +03:00
other Tagged windows powershell, other and malware rules. 2018-07-24 10:56:41 +02:00
powershell Update powershell_xor_commandline.yml 2018-12-05 05:51:41 +03:00
sysmon Update sysmon_plugx_susp_exe_locations.yml 2018-12-05 07:58:13 +03:00