Process Hacker and System Informer Driver Load

Rule Info

Id: 67add051-9ee7-4ad3-93ba-42935615ae8d
Author: Florian Roth
Name: Process Hacker and System Informer Driver Load
Tags: attack.privilege_escalation attack.t1543 cve.2021.21551 DEMO
Date: 2022-11-16 00:00:00
Modified: None
Description: Detects the load of drivers used by Process Hacker and System Informer
Type: Community Rule

Rule History

Author | Date | Commit | Title
Florian Roth | 2022-11-16 | | fix: list with one element
Florian Roth | 2022-11-16 | | fix: duplicate uuid
Florian Roth | 2022-11-16 | | rule: proc hacker, system informer driver load; refactor: imphash casing