Detects the creation of a named file stream with the imphash of a well-known hack tool

Read More

Detects the download of suspicious file type from a well-known file and paste sharing domain

Read More

Detects the download of suspicious file type from a well-known file and paste sharing domain

Read More

Detects the creation of a suspicious ADS (Alternate Data Stream) file by software other than browsers

Read More

Exports the target Registry key and hides it in the specified alternate data stream.

Read More

Detects the creation of an ADS (Alternate Data Stream) that contains an executable by looking at a non-empty Imphash

Read More

Detects potential suspicious winget package installation from a suspicious source.

Read More

Detects the download of a file with a potentially suspicious extension from a .zip top level domain.

Read More

Detects the download of suspicious file type from URLs with IP

Read More