Arbitrary File Download Via MSEDGE_PROXY.EXE

Rule Info

Name
Arbitrary File Download Via MSEDGE_PROXY.EXE
Author
Swachchhanda Shrawan Poudel
Description
Detects usage of "msedge_proxy.exe" to download arbitrary files
Reference
https://lolbas-project.github.io/lolbas/Binaries/msedge_proxy/
Date
2023-11-09 00:00:00
Modified
None
Id
e84d89c4-f544-41ca-a6af-4b92fd38b023
Tags
attack.defense-evasion attack.execution attack.t1218
Type
Community Rule
Link to Public Repo
https://github.com/SigmaHQ/sigma/search?q=e84d89c4-f544-41ca-a6af-4b92fd38b023

Rule History

Author
Title
Date
Commit
github-actions[bot]
Merge PR #5027 from @nasbench - Promote older rules status from `experimental` to `test`
2024-10-01
08c52c367
Nasreddine Bencherchali
Merge PR #4950 from @nasbench - Comply With v2 Spec Changes
2024-08-12
598d29f81
Swachchhanda Shrawan Poudel
Merge PR #4557 from @swachchhanda000 - Multiple Rule Updates & New Rules
2023-11-14
fc716d14f
THOR Logo  Scan your endpoints, forensic images or collected files with our portable scanner THOR
  Warning: Access to VALHALLA is rate-limited - once you prove unworthy, access gets denied
  Nextron Systems 2022