valitydev/signature-base
14
0
Fork 0
mirror of https://github.com/valitydev/signature-base.git synced 2024-11-07 02:25:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

False Positive Reduction - pwhash

Browse Source
This commit is contained in:
Florian Roth 2019-04-24 10:34:32 +02:00
parent 89b893219f
commit e56ff47bb4
1 changed files with 0 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
iocs/filename-iocs.txt
View File

@ -2101,7 +2101,6 @@ ystem32\\lcsvsvc\.dll;80
# Cred Dumping
\\(q32|q64|wceaux|w86|q86|quarkpwd[^\\]*|m64|m32|hash32|hash64|64|32|wce32|wce64|w32|w64|wce|p32|p64|ps32|ps64|mimikatz|mimilove|mm32|mm64|pw32|pw64|g32|g64|gs32|gs64|hash|hashdump|dumpsvc)\.exe;60;\\distlib\\
\\(g64\-|\\g32\-|\\gsecdump\.exe|gcx64\.|\\gcx32\.|\\gec\.|\\gse\.exe);60
\\pwhash;60;(\\python\\|\\site-packages\\)
\\fgdump;60
\\w32\.exe;50;site-packages
\\w64\.exe;50;site-packages