TU

Tom Ueltschi

First rule: Fri Nov 10 2017 01:00:00 GMT+0100 (Central European Standard Time)

Share profile card

0rules authored

3sole author

4co-authored

Top Log Sources

windows / process_creation

windows / file_event

windows / registry_set

Rule Types

5 emerging threat

By Severity

critical

1

high

4

medium

2

low

0

informational

0

By Status

stable

0

test

7

experimental

0

deprecated

0

unsupported

0

0

Total Rules

0

Stable Rules

0

High / Critical

0

Log Source Types

Recent RulesAll rules →

Potential Persistence Via Logon Scripts - Registry

Sat Jan 12 2019 01:00:00 GMT+0100 (Central European Standard Time)

mediumDetection

Uncommon Userinit Child Process

Sat Jan 12 2019 01:00:00 GMT+0100 (Central European Standard Time)

Potential Persistence Via Logon Scripts - CommandLine

Sat Jan 12 2019 01:00:00 GMT+0100 (Central European Standard Time)

NotPetya Ransomware Activity

Wed Jan 16 2019 01:00:00 GMT+0100 (Central European Standard Time)

criticalEmerging Threat

Adwind RAT / JRAT File Artifact

Fri Nov 10 2017 01:00:00 GMT+0100 (Central European Standard Time)

Adwind RAT / JRAT

Fri Nov 10 2017 01:00:00 GMT+0100 (Central European Standard Time)

highEmerging Threat

Browse all 7 rules by Tom Ueltschi

Filter the full rule library to see only their contributions