exe "C:\Users\user\Desktop\GMod-SDK-x86. exe /C rundll32.exe "C:\Users\user\Desktop\GMod-SDK-x86.dll",#1, CommandLine|base64offset|contains:, Image: C:\Windows\SysWOW64\cmd.exe, NewProcessName: C:\Windows\SysWOW64\cmd.exe, OriginalFileName: C:\Windows\SysWOW64\cmd.exe, ParentCommandLine: loaddll32.

Sigma detected: Conti Volume Shadow Listing
Author: Max Altgelt, Tobias Michalski: Data: Command: cmd.exe /C rundll32.exe "C:\Users\user\Desktop\GMod-SDK-x86.dll",#1, CommandLine: cmd.

Sigma detected: Compress Data and Lock With Password for Exfiltration With WINZIP

Sigma detected: Stop Or Remove Antivirus Service

Sigma detected: Compress Data and Lock With Password for Exfiltration With 7-ZIP

Sigma detected: Suspicious PowerShell Invocations - Generic
Author: Florian Roth (rule): Data: EventID: 53504, Source: Microsoft-Windows-PowerShell, data 0: 1492, data 1: DefaultAppDomain exe /C rundll32.exe "C:\Users\user\Desktop\GMod-SDK-x86.dll",#1, ProcessId: 4640 dll", ParentImage: C:\Windows\System32\loaddll32.exe, ParentProcessId: 2076, ProcessCommandLine: cmd.

Sigma detected: Disable or Delete Windows Eventlog
Author: frack113: Data: Command: cmd.exe /C rundll32.exe "C:\Users\user\Desktop\GMod-SDK-x86.dll",#1, CommandLine: cmd.

Author: Florian Roth: Data: Command: cmd.exe /C rundll32.exe "C:\Users\user\Desktop\GMod-SDK-x86.dll",#1, CommandLine: cmd.