paulmataruso/main
1
0
Fork 0
mirror of https://github.com/socfortress/Wazuh-Rules.git synced 2025-10-23 00:02:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update and rename 91560-win_sigcheck_rules.xml to 100060-win_sigcheck_rules.xml

Browse Source
This commit is contained in:
taylor_socfortress
2023-03-07 08:01:38 -06:00
committed by GitHub
parent e65777a605
commit be1c6f9e80
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
Windows Sysinternals Sigcheck/91560-win_sigcheck_rules.xml → Windows Sysinternals Sigcheck/100060-win_sigcheck_rules.xml
View File

@@ -1,5 +1,5 @@
<group name="windows,">
<rule id="91560" level="10">
<rule id="100060" level="10">
<decoded_as>json</decoded_as>
<field name="Path">\.+</field>
<field name="Verified">\.+</field>
@@ -10,8 +10,8 @@
<options>no_full_log</options>
<group>windows_sigcheck,</group>
</rule>
<rule id="91561" level="12">
<if_sid>91560</if_sid>
<rule id="100061" level="12">
<if_sid>100060</if_sid>
<field name="VTdetection">^\d\d\|</field>
<description>Windows Sigcheck - VirusTotal Hit Above 10 Matches</description>
<mitre>