SpamHammer E-mail Attempts
- Adam Crowe
- Posts: 58
- Last visit: Fri Apr 19, 2024 12:28 pm
- Has voted: 3 times
- Been upvoted: 3 times
- Adam Crowe
- Posts: 58
- Last visit: Fri Apr 19, 2024 12:28 pm
- Has voted: 3 times
- Been upvoted: 3 times
Re: SpamHammer E-mail Attempts
These are the rules that my app is triggering:
5 matches for rule
Dot net compiler compiles file from suspicious location by Joe Security from Joe Security Rule Set (GitHub)
Dot net compiler compiles file from suspicious location
5 matches for rule
Suspicious Csc.exe Source File Folder by Florian Roth from Sigma Integrated Rule Set (GitHub)
Detects a suspicious execution of csc.exe, which uses a source in a suspicious folder (e.g. AppData)
1 match for rule
Too Long PowerShell Commandlines by oscd.community, Natalia Shornikova from Sigma Integrated Rule Set (GitHub)
Detects Too long PowerShell command lines
- Adam Crowe
- Posts: 58
- Last visit: Fri Apr 19, 2024 12:28 pm
- Has voted: 3 times
- Been upvoted: 3 times
Re: SpamHammer E-mail Attempts
These are the rules that my app is triggering:
5 matches for rule
Dot net compiler compiles file from suspicious location by Joe Security from Joe Security Rule Set (GitHub)
Dot net compiler compiles file from suspicious location
5 matches for rule
Suspicious Csc.exe Source File Folder by Florian Roth from Sigma Integrated Rule Set (GitHub)
Detects a suspicious execution of csc.exe, which uses a source in a suspicious folder (e.g. AppData)
1 match for rule
Too Long PowerShell Commandlines by oscd.community, Natalia Shornikova from Sigma Integrated Rule Set (GitHub)
Detects Too long PowerShell command lines
9 matches for rule
Windows PowerShell Web Request by James Pemberton / @4A616D6573 from Sigma Integrated Rule Set (GitHub)
Detects the use of various web request methods (including aliases) via Windows PowerShell
Matches rule PROTOCOL-DNS SPOOF query response with TTL of 1 min. and no authority from Snort registered user ruleset
Matches rule TAG_LOG_PKT from Snort registered user ruleset
- Adam Crowe
- Posts: 58
- Last visit: Fri Apr 19, 2024 12:28 pm
- Has voted: 3 times
- Been upvoted: 3 times
Re: SpamHammer E-mail Attempts
These are the rules that my app is triggering:
5 matches for rule
Dot net compiler compiles file from suspicious location by Joe Security from Joe Security Rule Set (GitHub)
Dot net compiler compiles file from suspicious location
5 matches for rule
Suspicious Csc.exe Source File Folder by Florian Roth from Sigma Integrated Rule Set (GitHub)
Detects a suspicious execution of csc.exe, which uses a source in a suspicious folder (e.g. AppData)
1 match for rule
Too Long PowerShell Commandlines by oscd.community, Natalia Shornikova from Sigma Integrated Rule Set (GitHub)
Detects Too long PowerShell command lines
9 matches for rule
Windows PowerShell Web Request by James Pemberton / @4A616D6573 from Sigma Integrated Rule Set (GitHub)
Detects the use of various web request methods (including aliases) via Windows PowerShell
2 matches for rule
Non Interactive PowerShell by Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements) from Sigma Integrated Rule Set (GitHub)
Detects non-interactive PowerShell activity by looking at
Sigma rule cannot be loaded.
Matches rule PROTOCOL-DNS SPOOF query response with TTL of 1 min. and no authority from Snort registered user ruleset
Matches rule TAG_LOG_PKT from Snort registered user ruleset
- Adam Crowe
- Posts: 58
- Last visit: Fri Apr 19, 2024 12:28 pm
- Has voted: 3 times
- Been upvoted: 3 times
Re: SpamHammer E-mail Attempts
These are the rules that my app is triggering:
5 matches for rule
Dot net compiler compiles file from suspicious location by Joe Security from Joe Security Rule Set (GitHub)
Dot net compiler compiles file from suspicious location
5 matches for rule
Suspicious Csc.exe Source File Folder by Florian Roth from Sigma Integrated Rule Set (GitHub)
Detects a suspicious execution of csc.exe, which uses a source in a suspicious folder (e.g. AppData)
1 match for rule
Too Long PowerShell Commandlines by oscd.community, Natalia Shornikova from Sigma Integrated Rule Set (GitHub)
Detects Too long PowerShell command lines
9 matches for rule
Windows PowerShell Web Request by James Pemberton / @4A616D6573 from Sigma Integrated Rule Set (GitHub)
Detects the use of various web request methods (including aliases) via Windows PowerShell
2 matches for rule
Non Interactive PowerShell by Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements) from Sigma Integrated Rule Set (GitHub)
Detects non-interactive PowerShell activity by looking at with not explorer.exe as a parent.
Sigma rule cannot be loaded.
Matches rule PROTOCOL-DNS SPOOF query response with TTL of 1 min. and no authority from Snort registered user ruleset
Matches rule TAG_LOG_PKT from Snort registered user ruleset
- adamctest2
- Posts: 12
- Last visit: Thu Jul 20, 2023 2:45 pm