Potential DLL File Download Via PowerShell Invoke-WebRequest

Rule Info

Name
Potential DLL File Download Via PowerShell Invoke-WebRequest
Author
Florian Roth (Nextron Systems), Hieu Tran
Description
Detects potential DLL files being downloaded using the PowerShell Invoke-WebRequest cmdlet
Date
2023-03-13 00:00:00
Modified
None
Id
0f0450f3-8b47-441e-a31b-15a91dc243e2
Tags
attack.command_and_control attack.execution attack.t1059.001 attack.t1105 DEMO
Type
Community Rule

Rule History

Author
Title
Date
Commit
github-actions[bot]
Merge PR #4700 from @nasbench - Promote older rules status from `experimental` to `test`
2024-02-01
Tessa Georgen
Merge PR #4392 from @tjgeorgen - Update MITRE Tags
2023-08-28
Hieu Tran
feat: new rules related to ZScaler blog - OneNote: A Growing Threat for Malware Distribution (#4111)
2023-03-17