Rule Info
Name
Suspicious Download and Execution Combo in Linux
Author
Swachchhanda Shrawan Poudel (Nextron Systems)
Description
Detects suspicious command-line patterns in which a download utility is executed in combination with other suspicious command-line utilities.
This could indicate potentially malicious activity, such as downloading a file and then decoding it, changing its permissions, executing it, or creating persistence.
Date
2026-02-05 00:00:00
Modified
None
Id
2fca7ec9-0402-4f03-a462-b1c9ac5c72bf
Tags
attack.execution attack.t1059.004 attack.command-and-control attack.t1105
Type
Nextron Sigma feed only (private)
