PUA - Process Hacker Driver Load

Rule Info

Name
PUA - Process Hacker Driver Load
Author
Florian Roth (Nextron Systems)
Description
Detects driver load of the Process Hacker tool
Reference
https://processhacker.sourceforge.io/
Date
2022-11-16 00:00:00
Modified
2024-11-23 00:00:00
Id
67add051-9ee7-4ad3-93ba-42935615ae8d
Tags
attack.privilege-escalation cve.2021-21551 attack.t1543
Type
Community Rule
Link to Public Repo
https://github.com/SigmaHQ/sigma/search?q=67add051-9ee7-4ad3-93ba-42935615ae8d

Rule History

Author
Title
Date
Commit
frack113
Merge PR #5088 from @frack113 - Remove custom dedicated hash fields from sigmac
2024-11-25
d804e9cba
Nasreddine Bencherchali
Merge PR #4950 from @nasbench - Comply With v2 Spec Changes
2024-08-12
598d29f81
github-actions[bot]
Merge PR #4791 from @nasbench - Promote older rules status from `experimental` to `test`
2024-04-01
a8e1ecd65
Nasreddine Bencherchali
Merge PR #4577 from @nasbench - Multiple Fixes & Updates
2023-12-21
e05267714
Nasreddine Bencherchali
feat: new rules, updates and goofy guineapig stuff (#4229)
2023-05-15
0cb01970e
THOR Logo  Scan your endpoints, forensic images or collected files with our portable scanner THOR
  Warning: Access to VALHALLA is rate-limited - once you prove unworthy, access gets denied
  Nextron Systems 2022