beninsh
Results: 1 issue of beninsh
### Link to Rule
https://github.com/elastic/detection-rules/blob/main/rules/windows/defense_evasion_execution_suspicious_explorer_winword.toml

### Rule Tuning Type
None

### Description
It seems that there is a typo in the query: The query includes the process executable `"?:\\Windows\\SyWOW64\\explorer.exe"` which...
Rule: Tuning
community
Team: TRADE