detection-rules
[New Rule] Google Sheets C2 Detection Review (Voldemort)
Description
Review detection coverage for C2 via Google Sheets from the recent "Voldemort" campaign.
Target Ruleset
windows
Target Rule Type
Event Correlation (EQL)
Tested ECS Version
No response
Query
No response
New fields required in ECS/data sources for this rule?
No response
Related issues or PRs
Related: https://github.com/elastic/ia-trade-team/issues/271
References
https://www.proofpoint.com/us/blog/threat-insight/malware-must-not-be-named-suspected-espionage-campaign-delivers-voldemort?utm_source=twitter&utm_medium=social_organic&utm_campaign=2024&utm_post_id=577aa726-abfa-4cc3-a049-463c2f14d12a
Redacted Example Data
No response
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
This has been closed due to inactivity. If you feel this is an error, please re-open and include a justifying comment.
Closing this issue as it is currently out of scope for TRADE's cloud threat research.