https://codeberg.org/FreeBSD/freebsd-ports/commit/1e5c9d963b29fcb492542db89edd686c2ba123cb
Newer commits will be used to rename detection. This can be used in a common.
rename detection, newer, commits, used, common
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_binary/
Potential Defense Evasion Via Binary Rename | Detection.FYI
Detects the execution of a renamed binary often used by attackers or malware leveraging new Sysmon OriginalFileName datapoint.
defense evasion, rename detection, potential, via, binary
https://codeberg.org/FreeBSD/freebsd-ports/commit/9647d78b7ea34fd842075f63c6f9c42f9a012091
Git performs rename detection is disabled. If set to force 64-bit index entries.
rename detection, 64 bit, git, performs, disabled