Rule Library
Sigma Rules
2 rules found for "FoggyWeb"
3,731Total
3,132Detection
457Emerging
139Hunting
Emerging Threatcriticaltest
FoggyWeb Backdoor DLL Loading
Detects DLL hijacking technique used by NOBELIUM in their FoggyWeb backdoor. Which loads a malicious version of the expected "version.dll" dll
WindowsImage Load (DLL)
Florian Roth (Nextron Systems)Mon Sep 272021
Emerging Threatcriticaltest
Malicious DLL Load By Compromised 3CXDesktopApp
Detects DLL load activity of known compromised DLLs used in by the compromised 3CXDesktopApp
WindowsImage Load (DLL)
Nasreddine Bencherchali (Nextron Systems)Fri Mar 312023