Vendor: QUSH
June 14, 2023 · View on GitHub
Product: Reveal
Use-Case: Cryptomining
| Rules | Models | MITRE ATT&CK® TTPs | Event Types | Parsers |
|---|---|---|---|---|
| 2 | 0 | 2 | 1 | 1 |
| Event Type | Rules | Models |
|---|---|---|
| web-activity-allowed | T1071.001 - Application Layer Protocol: Web Protocols ↳ WEB-Shadow-Mining: User has browsed to a known coinmining/shadowmining domain T1496 - Resource Hijacking ↳ A-WEB-Shadow-Mining: Host has browsed to a known coinmining/shadowmining domain ↳ WEB-Shadow-Mining: User has browsed to a known coinmining/shadowmining domain |