Channel: IOC: Forensic Artifacts » Windows
Browsing all 3 articles

Generic Process Path Indicator

Authored By: Christopher Bentley – @cbentle2

Description: Generic Indicator to identify Common commands not run from their default process path locations. cmd.exe, csrss.exe, explorer.exe,...

PWS-Zbot.gen.xj

Authored By: TomU @c_APT_ure

Description: malware EXE in PWD-protected ZIP delivered via Mail

Reports: http://www.threatexpert.com/report.aspx?md5=0b326488f7b5fc3c18641efbb6807b69...


Sysadmin Tools and Security Features Disabled by Malware

Authored By: TomU @c_APT_ure

Description: This IOC detects disabled sysadmin tools (task manager, registry editor) presumably by malware. ThreatExpert uses these sentences: “to prevent users from...
