curben
/
blog
mirror of https://gitlab.com/curben/blog
1
0
Fork 0
Code Issues Releases Wiki Activity

page(threat-hunting): update InnoDownloadPlugin description

This commit is contained in:
Ming Di Leom 2025-04-06 12:06:57 +00:00
parent 978e8c6ae6
commit 4803ba6ff4
No known key found for this signature in database
GPG Key ID: 32D3E28E96A695E8
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
source/threat-hunting/index.md
View File

@ -2,7 +2,7 @@
title: Splunk Threat Hunting title: Splunk Threat Hunting
layout: page layout: page
date: 2025-01-15 date: 2025-01-15
updated: 2025-04-01 updated: 2025-04-06
--- ---
Some searches utilise [cmdb_ci_list_lookup](https://gitlab.com/curben/splunk-scripts/-/tree/main/Splunk_TA_snow) lookup. Some searches utilise [cmdb_ci_list_lookup](https://gitlab.com/curben/splunk-scripts/-/tree/main/Splunk_TA_snow) lookup.
@ -742,7 +742,8 @@ SPL:
## InnoDownloadPlugin user-agent observed ## InnoDownloadPlugin user-agent observed
References: [1](https://thedfirreport.com/2025/03/31/fake-zoom-ends-in-blacksuit-ransomware/#execution) Description: Inno Setup, a free installer for Windows programs. Inno Download Plugin is a component of Inno Setup.
References: [1](https://thedfirreport.com/2025/03/31/fake-zoom-ends-in-blacksuit-ransomware/#execution), [2](https://jrsoftware.org/isinfo.php)
SPL: SPL:
```spl ```spl