Rule Library
Sigma Rules
6 rules found for "Turla"
3,731Total
3,132Detection
457Emerging
139Hunting
Emerging Threatcriticaltest
Turla Group Lateral Movement
Detects automated lateral movement by Turla group
WindowsProcess Creation
Markus NeisTue Nov 072014
Emerging Threatcriticaltest
Turla Group Commands May 2020
Detects commands used by Turla group as reported by ESET in May 2020
WindowsProcess Creation
Florian Roth (Nextron Systems)Tue May 262014
Emerging Threatcriticaltest
Turla Group Named Pipes
Detects a named pipe used by Turla group samples
WindowsNamed Pipe Created
Markus NeisMon Nov 062017
Emerging Threathightest
Turla Service Install
This method detects a service install of malicious services mentioned in Carbon Paper - Turla report by ESET
Windowssystem
Florian Roth (Nextron Systems)Fri Mar 312017
Emerging Threatcriticaltest
Turla PNG Dropper Service
This method detects malicious services mentioned in Turla PNG dropper report by NCC Group in November 2018
Windowssystem
Florian Roth (Nextron Systems)Fri Nov 232017
Emerging Threathightest
ComRAT Network Communication
Detects Turla ComRAT network communication.
Proxy Log
Florian Roth (Nextron Systems)Tue May 262020