TGI HUNT Possiblly Malicious SP Name

SID: 2610584Rev: 116 viewsHistory

Sourcetgreen/hunting

CreatedMarch 19, 2025

UpdatedMarch 19, 2025

Classificationattempted-user

alert tcp any any -> $HOME_NET any (msg:"TGI HUNT Possiblly Malicious SP Name"; content:"sp_dropextendedproc"; flow:established; classtype:attempted-user; sid:2610584; rev:1;)

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!