Rule Library

Sigma Rules

2 rules found for "Jose Luis Sanchez Martinez"

3,707Total

3,116Detection

451Emerging

137Hunting

Filters

Type

Severity

Status

Product

Category

Detectionmediumtest

HackTool - Jlaive In-Memory Assembly Execution

Detects the use of Jlaive to execute assemblies in a copied PowerShell

WindowsProcess Creation

TA0002 · ExecutionT1059.003 · Windows Command Shell

Jose Luis Sanchez MartinezTue May 24windows

Detectionmediumtest

ScreenSaver Registry Key Set

Detects registry key established after masqueraded .scr file execution using Rundll32 through desk.cpl

WindowsRegistry Set

TA0005 · Defense EvasionT1218.011 · Rundll32

Jose Luis Sanchez MartinezWed May 04windows