Update Stordiag.yml

eral4m 2021-10-21 10:30:54 +01:00
parent b723258dbf
commit 8b49ca2054

@ -16,7 +16,7 @@ Full_Path:
- Path: c:\windows\system32\stordiag.exe
- Path: c:\windows\syswow64\stordiag.exe
Detection:
- IOC: systeminfo.exe, fltmc.exe or schtasks.exe being executed outside of their normal path of c:\windows\system32\ or c:\windows\syswow64
- IOC: systeminfo.exe, fltmc.exe or schtasks.exe being executed outside of their normal path of c:\windows\system32\ or c:\windows\syswow64\
Resources:
- Link: https://twitter.com/eral4m/status/1451112385041911809
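
Review bot: The IOC entry under Detection names systeminfo.exe, fltmc.exe and schtasks.exe but never says which process launches them, so a reader cannot tell from this line alone that the signal is tied to stordiag.exe; if that is the intent, say so in the IOC text (for example "spawned by stordiag.exe") so the entry can be turned into a parent/child process rule. The trailing backslash added to c:\windows\syswow64\ is right: it matches the form already used for c:\windows\system32\ and keeps a prefix comparison from also accepting a sibling directory whose name only begins with syswow64. The commit message "Update Stordiag.yml" would help future readers more if it stated that the only change is that trailing backslash.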