Skip to content

Commit e0bb7ec

Browse files
nterl0knterl0k
authored
Update windows_suspicious_services.csv
1 parent 71f1b53 commit e0bb7ec

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

lookups/windows_suspicious_services.csv

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,8 +8,8 @@ aswSP_ArPot1,,killProcessPOC,Defense Evasion,offensive_tool,high,abused by MONTI
88
aswSP_ArPot2,,killProcessPOC,Defense Evasion,offensive_tool,high,abused by MONTI ransomware,https://github.com/timwhitez/killProcessPOC - https://github.com/mthcht/ThreatHunting-Keywords/tree/main/tools/I-K/killProcessPOC.csv - https://www.withsecure.com/content/dam/with-secure/en/resources/WS_Professionalisation_of_CyberCrime_EN.pdf
99
aswSP_ArPot3,,killProcessPOC,Defense Evasion,offensive_tool,high,abused by MONTI ransomware,https://github.com/timwhitez/killProcessPOC - https://github.com/mthcht/ThreatHunting-Keywords/tree/main/tools/I-K/killProcessPOC.csv - https://www.withsecure.com/content/dam/with-secure/en/resources/WS_Professionalisation_of_CyberCrime_EN.pdf
1010
aswSP_ArPots,,killProcessPOC,Defense Evasion,offensive_tool,high,abused by MONTI ransomware,https://github.com/timwhitez/killProcessPOC - https://github.com/mthcht/ThreatHunting-Keywords/tree/main/tools/I-K/killProcessPOC.csv - https://www.withsecure.com/content/dam/with-secure/en/resources/WS_Professionalisation_of_CyberCrime_EN.pdf
11-
SecurityCenterIBM,,Cl0p Ransomware,Defense Evasion,offensive_tool,high,abused by Clop ransomware,https://blog.virustotal.com/2020/11/keep-your-friends-close-keep-ransomware.html
12-
WinCheckDRVs,,Cl0p Ransomware,Defense Evasion,offensive_tool,high,abused by Clop ransomware,https://blog.virustotal.com/2020/11/keep-your-friends-close-keep-ransomware.html
11+
SecurityCenterIBM,,Clop Ransomware,Defense Evasion,offensive_tool,high,abused by Clop ransomware,https://blog.virustotal.com/2020/11/keep-your-friends-close-keep-ransomware.html
12+
WinCheckDRVs,,Clop Ransomware,Defense Evasion,offensive_tool,high,abused by Clop ransomware,https://blog.virustotal.com/2020/11/keep-your-friends-close-keep-ransomware.html
1313
BadWindowsService,,BadWindowsService,Privilege Escalation,offensive_tool,critical,https://github.com/eladshamir/BadWindowsService/blob/a7057720763fceaa7cbac9088d4c69b43d17a28f/BadWindowsService/ProjectInstaller.Designer.cs#L44,https://github.com/mthcht/ThreatHunting-Keywords/tree/main/tools/A-C/BadWindowsService.csv
1414
BlockNewProc,,BlockNewProc,Defense Evasion,offensive_tool,critical,PoCs to block new process with Process Notify Callback method - BlockNewProc,https://github.com/daem0nc0re/VectorKernel/blob/main/BlockNewProc/README.md
1515
BTOBTO,,smbExec,Lateral Movement,offensive_tool,critical,,https://github.com/mthcht/ThreatHunting-Keywords/blob/main/tools/I-K/impacket.csv

0 commit comments

Comments
 (0)