Haaglumination #3203

Merged
merged 20 commits into from
Nov 20, 2024

@MHaggis MHaggis commented Nov 13, 2024

New Analytic Story

  • Lumma Stealer

New Analytics

  • Windows RunMRU Command Execution
  • Windows BitLockerToGo Process Execution
  • Windows BitLockerToGo with Network Activity

Tagged content

  • Malicious PowerShell Process - Encoded Command
  • PowerShell 4104 Hunting
  • Suspicious mshta child process
  • Detect MSHTA Url in Command Line

@MHaggis MHaggis added the WIP DO NOT MERGE Work in Progress label Nov 13, 2024
@mvelazc0

love it

@patel-bhavin patel-bhavin added this to the v4.44.0 milestone Nov 18, 2024
@MHaggis MHaggis removed the WIP DO NOT MERGE Work in Progress label Nov 20, 2024
patel-bhavin previously approved these changes Nov 20, 2024
@patel-bhavin patel-bhavin merged commit 046fbbf into develop Nov 20, 2024
6 checks passed
@patel-bhavin patel-bhavin deleted the lumma branch November 20, 2024 20:18
4 participants