Sigma Rules
10 rules found for "Igor Fits"
Binary Padding - Linux
Adversaries may use binary padding to add junk data and change the on-disk representation of malware. This rule detects the use of dd and truncate to add junk data to a file.
File Time Attribute Change - Linux
Detects file time attribute changes made to hide new files or changes to existing files.
Credentials In Files - Linux
Detects attempts to extract passwords with grep.
System Shutdown/Reboot - Linux
Adversaries may shutdown/reboot systems to interrupt access to, or aid in the destruction of, those systems.
Split A File Into Pieces - Linux
Detects use of the "split" command to split files into parts and possibly transfer them.
Binary Padding - MacOS
Adversaries may use binary padding to add junk data and change the on-disk representation of malware. This rule detects the use of dd and truncate to add junk data to a file.
File Time Attribute Change
Detects file time attribute changes made to hide new files or changes to existing files.
Credentials In Files
Detects attempts to extract passwords with grep and laZagne.
Split A File Into Pieces
Detects use of the "split" command to split files into parts and possibly transfer them.
System Shutdown/Reboot - MacOs
Adversaries may shutdown/reboot systems to interrupt access to, or aid in the destruction of, those systems.