Access To Crypto Currency Wallets By Uncommon Applications

Rule Info

Name
Access To Crypto Currency Wallets By Uncommon Applications
Author
X__Junior (Nextron Systems)
Description
Detects file access requests to crypto currency files by uncommon processes. Could indicate potential attempt of crypto currency wallet stealing.
Reference
Internal Research
Date
2024-07-29 00:00:00
Modified
None
Id
f41b0311-44f9-44f0-816d-dd45e39d4bc8
Tags
attack.t1003 attack.credential-access DEMO
Type
Community Rule

Rule History

Author
Title
Date
Commit
Nasreddine Bencherchali
Merge PR #4950 from @nasbench - Comply With v2 Spec Changes
2024-08-12
Mohamed Ashraf
Merge PR #4934 from @X-Junior - Update and add new `file_access` rules
2024-07-31