Detection of Renamed ADExplorer.exe

Rule Info

Name
Detection of Renamed ADExplorer.exe
Author
MalGamy
Description
Detects instances of ADExplorer.exe that have been renamed, indicating potential malicious activity.
Date
2024-09-30 00:00:00
Modified
None
Id
20cd06ee-37c8-4784-bf31-b9580a536ad7
Tags
attack.execution attack.t1036.005
Type
Nextron Sigma feed only (private)

Rule History