Suspicious Digital Signature Of AppX Package

Rule Info

Name
Suspicious Digital Signature Of AppX Package
Description
Detects execution of AppX packages with known suspicious or malicious signature
Reference
Internal Research
Modified
None
Date
2023-01-16 00:00:00
Author
Nasreddine Bencherchali (Nextron Systems)
Tags
attack.defense_evasion DEMO attack.execution
Id
b5aa7d60-c17e-4538-97de-09029d6cd76b
Type
Community Rule

Rule History

Author
Commit
Title
Date
Nasreddine Bencherchali
chore: add nextron authors tag
2023-02-01
Nasreddine Bencherchali
feat: new rules and updates
2023-01-17