Rule Info
Name
COM Object Hijacking Via Modification Of Default System CLSID Default Value
Author
Nasreddine Bencherchali (Nextron Systems)
Description
Detects potential COM object hijacking via modification of default system CLSID.
Date
2024-07-16 00:00:00
Modified
2024-10-18 00:00:00
Id
790317c0-0a36-4a6a-a105-6e576bf99a14
Tags
attack.persistence attack.t1546.015 DEMO
Type
Community Rule
Link to Public Repo
Rule History
Author
Title
Date
Commit
Mohamed Ashraf
Merge PR #5026 from @X-Junior - Update `COM Object Hijacking Via Modification Of Default System CLSID Default Value`
2024-10-01
Nasreddine Bencherchali
Merge PR #4950 from @nasbench - Comply With v2 Spec Changes
2024-08-12
Nasreddine Bencherchali
Merge PR #4888 from @nasbench - Add multiple new rules, updates and fixes
2024-07-17
Nasreddine Bencherchali
Merge PR #4427 from @nasbench - Multiple Fixes & Enhancements
2023-10-04