Open groupecraft opened 7 months ago
Detected by Windows Defender as Trojan:Script/Phonzy.A!ml in zip format.
Here are the files concerned:
signatures/sigma-rules/public/windows/powershell/powershell_classic/posh_pc_tamper_windows_defender_set_mp.yml
signatures/sigma-rules/public/windows/powershell/powershell_script/posh_ps_tamper_windows_defender_set_mp.yml
webfile: B:\dl\aurora-agent-lite-win-pack.zip|https://update1.nextron-systems.com/getupdate.php?product=aurora-agent-lite-win&|pid:6480,ProcessStart:133584569049788482