Emerging Threats
Actor2018
Slingshot
2Rules
1References
1Folders
2022-11-27Latest
Summary
Slingshot is tracked here as a threat actor, intrusion set, or campaign with 2 Sigma detections spanning 2018. Coverage centers on windows / process_creation, windows / security.
Related Detections
Search this threatEmerging Threatmediumtest
Defrag Deactivation - Security
Detects the deactivation and disabling of the Scheduled defragmentation task as seen by Slingshot APT group
Windowssecurity
TA0004 · Privilege EscalationTA0002 · ExecutionTA0003 · PersistenceT1053 · Scheduled Task/Job+2
Florian Roth (Nextron Systems)+1Mon Mar 042018
Emerging Threatmediumtest
Defrag Deactivation
Detects the deactivation and disabling of the Scheduled defragmentation task as seen by Slingshot APT group
WindowsProcess Creation
TA0004 · Privilege EscalationTA0002 · ExecutionTA0003 · PersistenceT1053.005 · Scheduled Task+2
Florian Roth (Nextron Systems)+1Mon Mar 042018
References