Commit 897986e

committed
objectivity_stealer
1 parent 9e56adf commit 897986e

26 files changed

+26
-26
lines changed

detections/endpoint/cmd_carry_out_string_command_parameter.yml

Lines changed: 1 addition & 1 deletion
@@ -67,7 +67,7 @@ tags:
6767
- RedLine Stealer
6868
- Log4Shell CVE-2021-44228
6969
- Interlock Rat
70-
- Obj3ctivity Stealer
70+
- 0bj3ctivity Stealer
7171
asset_type: Endpoint
7272
cve:
7373
- CVE-2021-44228
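
Review bot: the new entry at line 70 begins with the digit 0 where the old one began with the letter O, and the two look almost identical in most fonts, so a later hand edit or search can easily bring the old spelling back. Quoting the value (`- "0bj3ctivity Stealer"`) would make it explicit that this is a string that happens to start with `0b`. The commit message `objectivity_stealer` also does not say that the change is an O-to-0 rename; one line stating that would help anyone reading the history.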

detections/endpoint/download_files_using_telegram.yml

Lines changed: 1 addition & 1 deletion
@@ -58,7 +58,7 @@ tags:
5858
- Snake Keylogger
5959
- XMRig
6060
- Water Gamayun
61-
- Obj3ctivity Stealer
61+
- 0bj3ctivity Stealer
6262
asset_type: Endpoint
6363
mitre_attack_id:
6464
- T1105

detections/endpoint/malicious_powershell_process___execution_policy_bypass.yml

Lines changed: 1 addition & 1 deletion
@@ -75,7 +75,7 @@ tags:
7575
- Salt Typhoon
7676
- XWorm
7777
- DarkCrystal RAT
78-
- Obj3ctivity Stealer
78+
- 0bj3ctivity Stealer
7979
asset_type: Endpoint
8080
mitre_attack_id:
8181
- T1059.001

detections/endpoint/non_firefox_process_access_firefox_profile_dir.yml

Lines changed: 1 addition & 1 deletion
@@ -67,7 +67,7 @@ tags:
6767
- FIN7
6868
- Snake Keylogger
6969
- China-Nexus Threat Activity
70-
- Obj3ctivity Stealer
70+
- 0bj3ctivity Stealer
7171
asset_type: Endpoint
7272
mitre_attack_id:
7373
- T1555.003

detections/endpoint/potential_telegram_api_request_via_commandline.yml

Lines changed: 1 addition & 1 deletion
@@ -72,7 +72,7 @@ tags:
7272
analytic_story:
7373
- XMRig
7474
- Water Gamayun
75-
- Obj3ctivity Stealer
75+
- 0bj3ctivity Stealer
7676
asset_type: Endpoint
7777
mitre_attack_id:
7878
- T1102.002
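
Review bot: at line 75 the renamed value sits under `analytic_story:`, so if these entries are matched by name against a story definition, the link only holds when both sides carry the identical string. The page reports 26 files changed with 26 one-line replacements; please confirm that the story definition itself is among them and that no detection still lists `Obj3ctivity Stealer`, for example by searching the repository for the old spelling before merge.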

detections/endpoint/powershell_4104_hunting.yml

Lines changed: 1 addition & 1 deletion
@@ -82,7 +82,7 @@ tags:
8282
- XWorm
8383
- Scattered Spider
8484
- Interlock Ransomware
85-
- Obj3ctivity Stealer
85+
- 0bj3ctivity Stealer
8686
asset_type: Endpoint
8787
mitre_attack_id:
8888
- T1059.001

detections/endpoint/powershell_fileless_script_contains_base64_encoded_content.yml

Lines changed: 1 addition & 1 deletion
@@ -63,7 +63,7 @@ tags:
6363
- Hermetic Wiper
6464
- IcedID
6565
- XWorm
66-
- Obj3ctivity Stealer
66+
- 0bj3ctivity Stealer
6767
mitre_attack_id:
6868
- T1027
6969
- T1059.001

detections/endpoint/powershell_loading_dotnet_into_memory_via_reflection.yml

Lines changed: 1 addition & 1 deletion
@@ -71,7 +71,7 @@ tags:
7171
- Hermetic Wiper
7272
- Malicious PowerShell
7373
- Data Destruction
74-
- Obj3ctivity Stealer
74+
- 0bj3ctivity Stealer
7575
asset_type: Endpoint
7676
mitre_attack_id:
7777
- T1059.001

detections/endpoint/randomly_generated_scheduled_task_name.yml

Lines changed: 1 addition & 1 deletion
@@ -33,7 +33,7 @@ tags:
3333
- Active Directory Lateral Movement
3434
- CISA AA22-257A
3535
- Scheduled Tasks
36-
- Obj3ctivity Stealer
36+
- 0bj3ctivity Stealer
3737
asset_type: Endpoint
3838
mitre_attack_id:
3939
- T1053.005

detections/endpoint/registry_keys_used_for_persistence.yml

Lines changed: 1 addition & 1 deletion
@@ -115,7 +115,7 @@ tags:
115115
- Windows Persistence Techniques
116116
- MoonPeak
117117
- Interlock Ransomware
118-
- Obj3ctivity Stealer
118+
- 0bj3ctivity Stealer
119119
asset_type: Endpoint
120120
mitre_attack_id:
121121
- T1547.001
