mirror of
				https://github.com/LOLBAS-Project/LOLBAS
				synced 2025-10-25 14:55:19 +02:00 
			
		
		
		
	| @@ -23,6 +23,8 @@ Full_Path: | |||||||
|   - Path: C:\Windows\SysWOW64\desk.cpl |   - Path: C:\Windows\SysWOW64\desk.cpl | ||||||
| Detection: | Detection: | ||||||
|   - IOC:  |   - IOC:  | ||||||
|  |   - Sigma: https://github.com/SigmaHQ/sigma/blob/master/rules/windows/file_event/file_event_win_new_src_file.yml | ||||||
|  |   - Sigma: https://github.com/SigmaHQ/sigma/blob/master/rules/windows/process_creation/proc_creation_win_rundll32_installscreensaver.yml | ||||||
| Resources: | Resources: | ||||||
|   - Link: https://vxug.fakedoma.in/zines/29a/29a7/Articles/29A-7.030.txt |   - Link: https://vxug.fakedoma.in/zines/29a/29a7/Articles/29A-7.030.txt | ||||||
|   - Link: https://twitter.com/pabraeken/status/998627081360695297 |   - Link: https://twitter.com/pabraeken/status/998627081360695297 | ||||||
| @@ -34,4 +36,6 @@ Acknowledgement: | |||||||
|     Handle: '@pabraeken' |     Handle: '@pabraeken' | ||||||
|   - Person: hai |   - Person: hai | ||||||
|     Handle: '@VakninHai' |     Handle: '@VakninHai' | ||||||
|  |     Person: Christopher Peacock | ||||||
|  |     Handle: '@SecurePeacock' | ||||||
| --- | --- | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user