Rule Library
Sigma Rules
6 rules found for "Goofy-Guineapig"
3,731 Total
3,132 Detection
457 Emerging
139 Hunting
Emerging Threat | high | test
Goofy Guineapig Backdoor IOC
Detects malicious indicators seen used by the Goofy Guineapig malware
Windows | File Event
Nasreddine Bencherchali (Nextron Systems) | Sun May 14 | 2021
Emerging Threat | high | test
Potential Goofy Guineapig Backdoor Activity
Detects a specific broken command that was used by Goofy-Guineapig as described by the NCSC report.
Windows | Process Creation
X__Junior (Nextron Systems) | Sun May 14 | 2021
Emerging Threat | high | test
Potential Goofy Guineapig GoolgeUpdate Process Anomaly
Detects "GoogleUpdate.exe" spawning a new instance of itself in an uncommon location as seen used by the Goofy Guineapig backdoor
Windows | Process Creation
X__Junior (Nextron Systems) +1 | Mon May 15 | 2021
Emerging Threat | high | test
Goofy Guineapig Backdoor Potential C2 Communication
Detects potential C2 communication related to Goofy Guineapig backdoor
Proxy Log
Nasreddine Bencherchali (Nextron Systems) | Sun May 14 | 2021
Emerging Threat | critical | test
Goofy Guineapig Backdoor Service Creation
Detects service creation persistence used by the Goofy Guineapig backdoor
Windows | system
Nasreddine Bencherchali (Nextron Systems) | Mon May 15 | 2021
Emerging Threat | critical | test
Small Sieve Malware Potential C2 Communication
Detects potential C2 communication related to Small Sieve malware
Proxy Log
Nasreddine Bencherchali (Nextron Systems) | Fri May 19 | 2021