Added code to support flagging suspicious wmi filter events, also added sample log file

Browse Source

...

This commit is contained in:

netscylla

2021-09-16 13:55:34 +01:00

parent 45c21e3821

commit ddb9e3e0fa

2 changed files with 18 additions and 1 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download Patch File Download Diff File Expand all files Collapse all files

BIN

evtx/wmi-event-filter-persistance.evtx Normal file

Binary file not shown.