Rule Library
Sigma Rules
2 rules found for "@41thexplorer"
3,707 Total
3,116 Detection
451 Emerging
137 Hunting
Emerging Threat · critical · stable
APT29 2018 Phishing Campaign File Indicators
Detects indicators of the APT 29 (Cozy Bear) phishing campaign as reported by Mandiant
Windows · File Event
TA0005 · Defense Evasion · T1218.011 · Rundll32 · detection.emerging-threats
@41thexplorer · Tue Nov 20 2018
Emerging Threat · high · stable
TropicTrooper Campaign November 2018
Detects TropicTrooper activity, an actor who targeted high-profile organizations in the energy and food and beverage sectors in Asia
Windows · Process Creation
TA0002 · Execution · T1059.001 · PowerShell · detection.emerging-threats
@41thexplorer +1 · Tue Nov 12 2018