Rule Library

Sigma Rules

2 rules found for "Maxim Pavlunin"

3,707Total

3,116Detection

451Emerging

137Hunting

Filters

Type

Severity

Status

Product

Category

Detectionhightest

HTML Help HH.EXE Suspicious Child Process

Detects a suspicious child process of a Microsoft HTML Help (HH.exe)

WindowsProcess Creation

TA0005 · Defense EvasionTA0002 · ExecutionTA0001 · Initial AccessT1047 · Windows Management Instrumentation+10

Maxim Pavlunin+1Wed Apr 01windows

Detectionhightest

Suspicious HH.EXE Execution

Detects a suspicious execution of a Microsoft HTML Help (HH.exe)

WindowsProcess Creation

TA0005 · Defense EvasionTA0002 · ExecutionTA0001 · Initial AccessT1047 · Windows Management Instrumentation+10

Maxim PavluninWed Apr 01windows