Emerging Threats
Actor2018
APT29 CozyBear
2Rules
3References
1Folders
2023-03-08Latest
Summary
APT29 CozyBear is tracked here as a threat actor, intrusion set, or campaign with 2 Sigma detections spanning 2018. Coverage centers on windows / file_event, windows / process_creation.
Related Detections
Search this threatEmerging Threatcriticalstable
APT29 2018 Phishing Campaign CommandLine Indicators
Detects indicators of APT 29 (Cozy Bear) phishing-campaign as reported by mandiant
WindowsProcess Creation
TA0005 · StealthTA0002 · ExecutionT1218.011 · Rundll32detection.emerging-threats
Florian Roth (Nextron Systems)Tue Nov 202018
Emerging Threatcriticalstable
APT29 2018 Phishing Campaign File Indicators
Detects indicators of APT 29 (Cozy Bear) phishing-campaign as reported by mandiant
WindowsFile Event
TA0005 · StealthT1218.011 · Rundll32detection.emerging-threats
@41thexplorerTue Nov 202018
References