Automated update

Yamato-Security · Nov 9, 2024 · 478b036 · 478b036
1 parent 7fbce6f
commit 478b036
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 1 deletion.
diff --git a/encoded_rules.yml b/encoded_rules.yml
diff --git a/rules.zip b/rules.zip
diff --git a/rules_config_files.txt b/rules_config_files.txt
@@ -529,6 +529,11 @@ ab0d6f07-d3a5-dcce-b343-05bfd1a8b000 # "Windows Kernel and 3rd-Party Drivers Exp
 4574194d-e7ca-4356-a95c-21b753a1787e # User Guessing
 ffd622af-d049-449f-af5a-0492fdcc3a58 # PW Spray
 
+# FPs
+a4504cb2-23f6-6d94-5ae6-d6013cf1d995 # Suspicious Multiple File Rename Or Delete Occurred
+9f8b3bda-88a1-a216-2897-950cc5ca4aa4 # Quick Execution of a Series of Suspicious Commands (Sysmon 1)
+53facd0f-d88d-bab7-469e-a36211463245 # Quick Execution of a Series of Suspicious Commands (Sec 4688)
+
 # Test Files
 00000000-0000-0000-0000-000000000000 # TestFile
 ---FILE_END---