Gameel Ali

Results 3 issues of Gameel Ali

### Summary of the Pull Request

update susp double extension rule

### Changelog

update: Suspicious Process Execution Masquerading as Legitimate Files - Add new values to detection values

### Example...

Rules
Work In Progress
Windows

### Summary of the Pull Request

Add new values which are used by the attacker to disable Windows Defender

### Changelog

update: Suspicious Windows Defender Registry Key Tampering Via Reg.EXE

###...

Rules
Work In Progress
Author Input Required
Windows

### Summary of the Pull Request

Update Rule: Security Tools Keyword Lookup Via Findstr.EXE

### Changelog

Update proc_creation_win_findstr_security_keyword_lookup.yml

### Example Log Event

Add some security keywords to the list. https://www.joesandbox.com/analysis/1547706/0/html...

Rules
Review Needed
Windows