Backdoored THOR Scanner Related DLL Loaded

Rule Info

Name
Backdoored THOR Scanner Related DLL Loaded
Author
Nasreddine Bencherchali (Nextron Systems)
Description
Detects the loading and execution of a known malicious THOR scanner version.
Reference
Internal Research
Date
2023-10-29 00:00:00
Modified
2023-12-06 00:00:00
Id
42732c36-e159-477c-99e1-47f70b7e3f22
Tags
attack.defense-evasion attack.t1574.002
Type
Nextron Sigma feed only (private)

Rule History

THOR Logo  Scan your endpoints, forensic images or collected files with our portable scanner THOR
  Warning: Access to VALHALLA is rate-limited - once you prove unworthy, access gets denied
  Nextron Systems 2022