TGI HUNT Possiblly Malicious SP Name

SID: 2610584Rev: 1Disabled18 views
Filehunting.rules
CreatedMarch 19, 2025
UpdatedMarch 19, 2025
Classificationattempted-user
alert tcp any any -> $HOME_NET any (msg:"TGI HUNT Possiblly Malicious SP Name"; content:"sp_dropextendedproc"; flow:established; classtype:attempted-user; sid:2610584; rev:1;)

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!