Rule Info
Name
Service Stopped Via TDSSKiller.EXE
Author
Nasreddine Bencherchali (Nextron Systems), X__Junior (Nextron Systems)
Description
Detects the execution of TDSSKiller in order to stop and terminate Windows services.
Date
2024-01-30 00:00:00
Modified
None
Id
f3f37ab8-14b3-4a7c-a9f7-4fe5128918c9
Tags
attack.execution attack.defense-evasion attack.t1562.001
Type
Nextron Sigma feed only (private)