Dopplepaymer In-Memory Malware Implant

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

↑ Back to Content Index

---

Dopplepaymer In-Memory Malware Implant. This query identifies processes with command line launch strings. Which match the pattern used in Dopplepaymer ransomware attacks.

Attribute	Value
Type	Hunting Query
Solution	GitHub Only
ID	c7927ab6-63c8-41bc-a5d7-fc15826e2b57
Required Connectors	MicrosoftThreatProtection
Source	[View on GitHub](https://github.com/Azure/Azure-Sentinel/blob/master/Hunting Queries/Microsoft%20365%20Defender/Campaigns/Dopplepaymer%20In-Memory%20Malware%20Implant.yaml)

---

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

↑ Back to Hunting Queries