Generic Process Path Indicator
Authored By: Christopher Bentley – @cbentle2
Description: Generic indicator to identify common commands not run from their default process path locations. cmd.exe, csrss.exe, explorer.exe,...

PWS-Zbot.gen.xj
Authored By: TomU @c_APT_ure
Description: Malware EXE in password-protected ZIP delivered via mail
Reports: http://www.threatexpert.com/report.aspx?md5=0b326488f7b5fc3c18641efbb6807b69...

Sysadmin Tools and Security Features Disabled by Malware
Authored By: TomU @c_APT_ure
Description: This IOC detects sysadmin tools (task manager, registry editor) that have been disabled, presumably by malware. ThreatExpert uses these sentences: “to prevent users from...