[New] Unusual Execution via Microsoft Common Console File #3663

Samirbous · 2024-05-12T18:49:39Z

https://www.genians.co.kr/blog/threat_intelligence/facebook

rules/windows/execution_initial_access_via_msc_file.toml

Co-authored-by: Ruben Groenewoud <[email protected]>

rules/windows/execution_initial_access_via_msc_file.toml

terrancedejesus

Changes look good, thanks!

Co-authored-by: Jonhnathan <[email protected]>

* [New] Unusual Execution via Microsoft Common Console File https://www.genians.co.kr/blog/threat_intelligence/facebook * Update rules/windows/execution_initial_access_via_msc_file.toml Co-authored-by: Ruben Groenewoud <[email protected]> * Update rules/windows/execution_initial_access_via_msc_file.toml Co-authored-by: Jonhnathan <[email protected]> * Update rules/windows/execution_initial_access_via_msc_file.toml Co-authored-by: Jonhnathan <[email protected]> * Update execution_initial_access_via_msc_file.toml --------- Co-authored-by: Ruben Groenewoud <[email protected]> Co-authored-by: Jonhnathan <[email protected]> (cherry picked from commit a1ef8c9)

[New] Unusual Execution via Microsoft Common Console File

1a2aa19

https://www.genians.co.kr/blog/threat_intelligence/facebook

Samirbous added Rule: New Proposal for new rule OS: Windows windows related rules labels May 12, 2024

Samirbous self-assigned this May 12, 2024

botelastic bot added the Domain: Endpoint label May 12, 2024

github-actions bot added community backport: auto labels May 12, 2024

Samirbous requested review from w0rk3r, Aegrah, terrancedejesus and DefSecSentinel May 12, 2024 18:52

Aegrah approved these changes May 13, 2024

View reviewed changes

rules/windows/execution_initial_access_via_msc_file.toml Outdated Show resolved Hide resolved

Samirbous and others added 2 commits May 13, 2024 10:25

Update rules/windows/execution_initial_access_via_msc_file.toml

c369bb1

Co-authored-by: Ruben Groenewoud <[email protected]>

Merge branch 'main' into MSC

911a5b2

w0rk3r approved these changes May 14, 2024

View reviewed changes

rules/windows/execution_initial_access_via_msc_file.toml Outdated Show resolved Hide resolved

rules/windows/execution_initial_access_via_msc_file.toml Outdated Show resolved Hide resolved

terrancedejesus approved these changes May 14, 2024

View reviewed changes

Samirbous and others added 4 commits May 14, 2024 13:55

Update rules/windows/execution_initial_access_via_msc_file.toml

a8f499a

Co-authored-by: Jonhnathan <[email protected]>

Update rules/windows/execution_initial_access_via_msc_file.toml

30ca66b

Co-authored-by: Jonhnathan <[email protected]>

Merge branch 'main' into MSC

5a0e85d

Update execution_initial_access_via_msc_file.toml

26bc9b9

Samirbous merged commit a1ef8c9 into main May 14, 2024
14 checks passed

Samirbous deleted the MSC branch May 14, 2024 14:07

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[New] Unusual Execution via Microsoft Common Console File #3663

[New] Unusual Execution via Microsoft Common Console File #3663

Samirbous commented May 12, 2024

terrancedejesus left a comment

[New] Unusual Execution via Microsoft Common Console File #3663

[New] Unusual Execution via Microsoft Common Console File #3663

Conversation

Samirbous commented May 12, 2024

terrancedejesus left a comment

Choose a reason for hiding this comment