https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_office_vsto/
Potential Persistence Via Visual Studio Tools for Office | Detection.FYI
Detects persistence via Visual Studio Tools for Office (VSTO) add-ins in Office applications.
https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_mycomputer/
Potential Persistence Via MyComputer Registry Keys | Detection.FYI
Detects modification to the
https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_notepad_plus_plus_persistence/
Potential Persistence Via Notepad++ Plugins | Detection.FYI
Detects creation of new