Phoenix
Sigma Intelligence
Beta
Home
Detections
Rules
Authors
MITRE
KB
Convert
Analytics
Coverage
Field Explorer
Testing
Ecosystem
Releases
About
Team
Philosophy
Search Rules
Rule Library
Sigma Rules
1 rule found for "vburov"
3,707
Total
3,116
Detection
451
Emerging
137
Hunting
Filters
Detection
low
test
Windows Processes Suspicious Parent Directory
Detect suspicious parent processes of well-known Windows processes
Windows
Process Creation
TA0005 · Defense Evasion
T1036.003 · Rename System Utilities
T1036.005 · Match Legitimate Name or Location
vburov
Sat Feb 23
windows