Skip to content

Commit 4aa2ad4

Browse files
Neo23x0Neo23x0
committed
SeriousSAM CS Pattern
1 parent 876166b commit 4aa2ad4

File tree

1 file changed

+1
-0
lines changed

1 file changed

+1
-0
lines changed

sysmonconfig-export.xml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -555,6 +555,7 @@
555555
<TargetFilename condition="contains">\SAM-haxx</TargetFilename> <!-- Default output of HiveNightmare / SeriousSAM tools -->
556556
<TargetFilename condition="contains">\Sam.save</TargetFilename> <!-- Default output of HiveNightmare / SeriousSAM tools -->
557557
<TargetFilename condition="contains">\hive_sam_</TargetFilename> <!-- Default output of HiveNightmare / SeriousSAM tools -->
558+
<TargetFilename condition="is">C:\windows\temp\sam</TargetFilename> <!-- Default output of HiveNightmare / SeriousSAM tools -->
558559
<TargetFilename condition="begin with">C:\Windows\System32\spool\drivers\x64</TargetFilename> <!-- PrinterNight -->
559560
</FileCreate>
560561
</RuleGroup>

0 commit comments

Comments
 (0)