Rule Library
Sigma Rules
2 rules found for "QBot"
3,731Total
3,132Detection
457Emerging
139Hunting
Emerging Threatcriticalstable
Potential QBot Activity
Detects potential QBot activity by looking for process executions used previously by QBot
WindowsProcess Creation
Florian Roth (Nextron Systems)Tue Oct 012019
Emerging Threathightest
Exploitation Attempt Of CVE-2020-1472 - Execution of ZeroLogon PoC
Detects the execution of the commonly used ZeroLogon PoC executable.
WindowsProcess Creation
kostastsale+1Sat Feb 122020