Detection rules for SIGRed vulnerability — Elastic Security Labs
Tags
attack-pattern: Dll Side-Loading - T1574.002 Dns - T1071.004 Dns - T1590.002 Dns Server - T1583.002 Dns Server - T1584.002 Vulnerabilities - T1588.006 Dll Side-Loading - T1073
Show in Graph
Common Information
Type Value
UUID 0409e0fa-49c3-461d-a32c-f27744cacf9d
Fingerprint b4904dd7a946d882
Analysis status DONE
Considered CTI value 0
Text language
Published Nov. 22, 2022, midnight
Added to db Nov. 20, 2023, 12:58 a.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline Detection rules for SIGRed vulnerability
Title Detection rules for SIGRed vulnerability — Elastic Security Labs
Detected Hints/Tags/Attributes 31/1/8
Source URLs
Redirection Url
Details Source https://www.elastic.co/security-labs/detection-rules-for-sigred-vulnerability
URL Provider
Details Provider Source level domain
Details elastic.co www.elastic.co
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 306 Elastic Security Labs https://www.elastic.co/security-labs/rss/feed.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 22 
cve-2020-1350
Details Domain 21 
process.parent.name
Details Domain 55 
process.name
Details Domain 32 
file.name
Details File 11 
dns.exe
Details File 137 
conhost.exe
Details File 12 
dns.log
Details File 25 
event.dat