Rule Library

Sigma Rules

1 rule found for "Dusty Miller"

3,707Total

3,116Detection

451Emerging

137Hunting

Filters

Type

Severity

Status

Product

Potential SocGholish Second Stage C2 DNS Query

Detects a DNS query initiated from a "wscript" process for domains matching a specific pattern that was seen being used by SocGholish for its Command and Control traffic

WindowsDNS Query

TA0011 · Command and Controlattack.t1219.002detection.emerging-threats

Dusty MillerThu Feb 232023