| Author | Commit | Message | Date |
|---|---|---|---|
| tali-ash | dd66127d30 | Update IcedId attachments.md | 2022-01-16 17:15:32 +02:00 |
| tali-ash | f217f0d773 | Update IcedId Delivery.md | 2022-01-16 17:14:14 +02:00 |
| Justin C | 83bd748795 | Update Suspicious Bitlocker Encryption.md | 2021-06-03 13:48:37 -07:00 |
| Justin C | 4fe6e39ea7 | Update LaZagne Credential Theft.md | 2021-06-03 13:48:13 -07:00 |
| Justin C | a70be3349f | Update IcedId attachments.md | 2021-06-03 13:47:52 -07:00 |
| Justin C | 21a4f05e1d | Update Gootkit File Delivery.md | 2021-06-03 13:47:29 -07:00 |
| Justin C | 49823d63f8 | Update File Backup Deletion Alerts.md | 2021-06-03 13:47:12 -07:00 |
| Justin C | 6b9d15b001 | Update Distribution from remote location.md | 2021-06-03 13:46:49 -07:00 |
| Justin C | c3190abb0a | Update DarkSide.md | 2021-06-03 13:46:27 -07:00 |
| Justin C | 9a9dd3ccbb | Create Qakbot discovery activies.md | 2021-06-03 13:46:08 -07:00 |
| Justin C | 543ece0556 | Create HTA Startup Persistence.md | 2021-06-03 13:45:10 -07:00 |
| Justin C | 5e22e4bff7 | Create Discovery for highly-privileged accounts.md | 2021-06-03 13:44:11 -07:00 |
| Justin C | 186129a02d | Create Suspicious Google Doc Links.md | 2021-06-03 13:43:07 -07:00 |
| Justin C | 1cbb8fd2b5 | Create Fake Replies.md | 2021-06-03 13:42:00 -07:00 |
| Justin C | 8a94bad2f2 | Create Sticky Keys.md | 2021-06-03 13:40:56 -07:00 |
| Justin C | 9d067ae397 | Create IcedId attachments.md | 2021-06-03 13:39:04 -07:00 |
| Justin C | b95e22c2ef | Create Suspicious Image Load related to IcedId.md | 2021-06-03 13:37:45 -07:00 |
| Justin C | 54b620e971 | Create IcedId Delivery.md | 2021-06-03 13:36:25 -07:00 |
| Justin C | 2249ad0ed8 | Create IcedId email delivery.md | 2021-06-03 13:35:27 -07:00 |
| Justin C | d4a94d2953 | Create LaZagne Credential Theft.md | 2021-06-03 13:34:30 -07:00 |
| Justin C | 8917dd40a8 | Create Gootkit File Delivery.md | 2021-06-03 13:32:48 -07:00 |
| Justin C | 2d1370a375 | Rename Suspicious Bitlocker Encryption to Suspicious Bitlocker Encryption.md | 2021-06-03 13:31:20 -07:00 |
| Justin C | 17e21b07e5 | Create DarkSide.md | 2021-06-03 13:31:03 -07:00 |
| Justin C | 305561d147 | Create Suspicious Bitlocker Encryption | 2021-06-03 13:29:46 -07:00 |
| Justin C | f38a2f92df | Create Distribution from remote location.md | 2021-06-03 13:27:59 -07:00 |
| Justin C | aa3549ed98 | Create File Backup Deletion Alerts.md | 2021-06-03 13:25:34 -07:00 |
| Justin C | 00d9b09ef9 | Update Potential ransomware activity related to Cobalt Strike.md | 2021-06-03 13:24:07 -07:00 |
| Justin C | c5acaaf4d1 | Update Potential ransomware activity related to Cobalt Strike.md | 2021-06-03 13:23:29 -07:00 |
| Justin C | 5f2cd4c1b4 | Rename Potential ransomware activity tied to Cobalt Strike to Potential ransomware activity related to Cobalt Strike.md | 2021-06-03 13:22:46 -07:00 |
| Justin C | 341308f6e3 | Create Potential ransomware activity tied to Cobalt Strike | 2021-06-03 13:15:34 -07:00 |
| tali-ash | 42cf47f7e0 | Create Check for multiple signs of ransomware activity.md | 2021-02-15 15:41:30 +02:00 |
| tali-ash | a4481e450f | Create Backup deletion.md | 2021-02-15 15:39:38 +02:00 |
| tali-ash | 2cf94649c1 | Create Turning off System Restore.md | 2021-02-15 15:38:46 +02:00 |
| tali-ash | 9b0ac5ec55 | Create Turning off services using sc exe.md | 2021-02-15 15:37:50 +02:00 |
| tali-ash | 84014f7c39 | Create Clearing of forensic evidence from event logs using wevtutil.md | 2021-02-15 15:36:38 +02:00 |
| tali-ash | 84c333aa5f | Create Deletion of data on multiple drives using cipher exe.md | 2021-02-15 15:35:49 +02:00 |
| tali-ash | 8842052703 | Create Stopping processes using net stop.md | 2021-02-15 15:34:39 +02:00 |
| tali-ash | 858ed6b767 | Create Stopping multiple processes using taskkill.md | 2021-02-15 15:13:57 +02:00 |