New Deployed Rules
Process Creation: 1. Suspicious Execution of InstallUtil Without Log 2. Suspicious Execution of InstallUtil To Download 3. Potential PowerShell Execution Via DLL 4. Suspicious Debugger Registration Cmdline 5. Dotnet.exe Exec Dll and Execute Unsigned Code LOLBIN 6. Potential DLL Injection Or Execution Using Tracker.exe 7. Suspicious Msbuild Execution By Uncommon Parent Process 8. Masquerading […]
