Potential MuddyWater APT Activity

Rule Info

Name
Potential MuddyWater APT Activity
Author
Nasreddine Bencherchali (Nextron Systems)
Description
Detects potential Muddywater APT activity
Reference
https://www.mandiant.com/resources/blog/iranian-threat-group-updates-ttps-in-spear-phishing-campaign
Date
2023-03-10 00:00:00
Modified
None
Id
36222790-0d43-4fe8-86e4-674b27809543
Tags
attack.defense-evasion attack.execution attack.g0069 detection.emerging-threats
Type
Community Rule
Link to Public Repo
https://github.com/SigmaHQ/sigma/search?q=36222790-0d43-4fe8-86e4-674b27809543

Rule History

Author
Title
Date
Commit
Nasreddine Bencherchali
Merge PR #4950 from @nasbench - Comply With v2 Spec Changes
2024-08-12
598d29f81
frack113
Update tags
2023-06-20
8c5dba374
Nasreddine Bencherchali
chore: move rules to new folders (#4205)
2023-05-02
637d61088
Nasreddine Bencherchali
fix: apply suggestions from code review
2023-03-13
d7083f617
Nasreddine Bencherchali
feat: more apt rules updates
2023-03-10
a8462ec91
THOR Logo  Scan your endpoints, forensic images or collected files with our portable scanner THOR
  Warning: Access to VALHALLA is rate-limited - once you prove unworthy, access gets denied
  Nextron Systems 2022