Rule Library
Sigma Rules
6 rules found for "Diamond-Sleet"
3,731 Total
3,132 Detection
457 Emerging
139 Hunting
Emerging Threat, high, test
Diamond Sleet APT DNS Communication Indicators
Detects DNS queries related to Diamond Sleet APT activity
Windows, DNS Query
Nasreddine Bencherchali (Nextron Systems), Tue Oct 24 2023
Emerging Threat, high, test
Diamond Sleet APT File Creation Indicators
Detects file creation activity that is related to Diamond Sleet APT activity
Windows, File Event
Nasreddine Bencherchali (Nextron Systems), Tue Oct 24 2023
Emerging Threat, high, test
Diamond Sleet APT DLL Sideloading Indicators
Detects DLL sideloading activity seen used by Diamond Sleet APT
Windows, Image Load (DLL)
Nasreddine Bencherchali (Nextron Systems), Tue Oct 24 2023
Emerging Threat, high, test
Diamond Sleet APT Process Activity Indicators
Detects process creation activity indicators related to Diamond Sleet APT
Windows, Process Creation
Nasreddine Bencherchali (Nextron Systems), Tue Oct 24 2023
Emerging Threat, high, test
Diamond Sleet APT Scheduled Task Creation - Registry
Detects registry event related to the creation of a scheduled task used by Diamond Sleet APT during exploitation of Team City CVE-2023-42793 vulnerability
Windows, Registry Event
Nasreddine Bencherchali (Nextron Systems), Tue Oct 24 2023
Emerging Threat, critical, test
Diamond Sleet APT Scheduled Task Creation
Detects registry event related to the creation of a scheduled task used by Diamond Sleet APT during exploitation of Team City CVE-2023-42793 vulnerability
Windows, security
Nasreddine Bencherchali (Nextron Systems), Tue Oct 24 2023