Rule Library
Sigma Rules
2 rules found for "Swisscom"
3,707Total
3,116Detection
451Emerging
137Hunting
Emerging Threathightest
Potential Ke3chang/TidePool Malware Activity
Detects registry modifications potentially related to the Ke3chang/TidePool malware as seen in campaigns running in 2019 and 2020
WindowsProcess Creation
G0004 · G0004TA0005 · Defense EvasionT1562.001 · Disable or Modify Toolsdetection.emerging-threats
Markus Neis+1Thu Jun 182020
Emerging Threathighstable
Trickbot Malware Activity
Detects Trickbot malware process tree pattern in which "rundll32.exe" is a parent of "wermgr.exe"
WindowsProcess Creation
TA0002 · ExecutionT1559 · Inter-Process Communicationdetection.emerging-threats
Florian Roth (Nextron Systems)Thu Nov 262020