Rule Library
Sigma Rules
3 rules found for "MustangPanda"
3,731 Total
3,132 Detection
457 Emerging
139 Hunting
Emerging Threat high test
Mustang Panda Dropper
Detects specific process parameters as used by Mustang Panda droppers
Windows Process Creation
Florian Roth (Nextron Systems) +1 Wed Oct 30 2019
Emerging Threat high test
Potential APT Mustang Panda Activity Against Australian Gov
Detects specific command line execution used by Mustang Panda in a targeted attack against the Australian government as reported by Lab52
Windows Process Creation
Nasreddine Bencherchali (Nextron Systems) Mon May 15 2023
Emerging Threat high test
Potential Raspberry Robin Aclui Dll SideLoading
Detects potential sideloading of malicious "aclui.dll" by OleView. This behavior was observed in Raspberry-Robin variants reported by Check Point Research in February 2024.
Windows Image Load (DLL)
Swachchhanda Shrawan Poudel Wed Jul 31 2024