{"id":15273,"date":"2023-01-13T17:39:30","date_gmt":"2023-01-13T16:39:30","guid":{"rendered":"https:\/\/www.nextron-systems.com\/?p=15273"},"modified":"2024-04-12T16:33:26","modified_gmt":"2024-04-12T14:33:26","slug":"antivirus-event-analysis-cheat-sheet-v1-11-0","status":"publish","type":"post","link":"https:\/\/www.nextron-systems.com\/2023\/01\/13\/antivirus-event-analysis-cheat-sheet-v1-11-0\/","title":{"rendered":"Antivirus Event Analysis Cheat Sheet v1.11.0"},"content":{"rendered":"<p>We&#8217;ve updated our Antivirus Event Analysis Cheat Sheet to version 1.11.0.<\/p>\n<ul>\n<li>It includes updates in several sections.<\/li>\n<li>It adds special identifiers for other hack tools and ransomware, in sync with the Sigma rule changes contributed by Arnim Rupp in PRs <a href=\"https:\/\/github.com\/SigmaHQ\/sigma\/pull\/3919\/files\">#3919<\/a> and <a href=\"https:\/\/github.com\/SigmaHQ\/sigma\/pull\/3924\/files\">#3924<\/a>.<\/li>\n<\/ul>\n<p>You can download the new version <a href=\"https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2023\/01\/Antivirus_Event_Analysis_CheatSheet_1.11.pdf\" target=\"_blank\" rel=\"noopener\">here<\/a>.<\/p>\n<p>Tip: to always find the newest version of the cheat sheet, use <a href=\"https:\/\/www.nextron-systems.com\/?s=antivirus\" target=\"_blank\" rel=\"noopener\">this<\/a> search query.<\/p>\n<p><a href=\"https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2023\/01\/Antivirus_Event_Analysis_CheatSheet_1.11.pdf\" target=\"_blank\" rel=\"noopener\"><img src=\"https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2023\/01\/Screenshot-2023-01-13-at-17.37.50.png\" alt=\"Screenshot 2023-01-13 at 17.37.50\" \/><\/a><\/p>\n<p>Changes:<\/p>\n<p><img src=\"https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2023\/01\/Screenshot-2023-01-13-at-17.31.11.png\" alt=\"Screenshot 2023-01-13 at 17.31.11\" \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>We&#8217;ve updated our Antivirus Event Analysis Cheat Sheet to version 1.11.0. It includes updates in several sections and adds special identifiers for other hack tools and ransomware, in sync with the Sigma rule changes contributed by Arnim Rupp in PRs #3919 and #3924. You can download the new version here. Tip: to always find the newest version of the cheat sheet, use this search query. Changes:<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[749,1],"tags":[],"class_list":["post-15273","post","type-post","status-publish","format-standard","hentry","category-homepage","category-nextron"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Antivirus Event Analysis Cheat Sheet v1.11.0 - Nextron Systems<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.nextron-systems.com\/2023\/01\/13\/antivirus-event-analysis-cheat-sheet-v1-11-0\/\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.nextron-systems.com\/2023\/01\/13\/antivirus-event-analysis-cheat-sheet-v1-11-0\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.nextron-systems.com\/2023\/01\/13\/antivirus-event-analysis-cheat-sheet-v1-11-0\/\"},\"author\":{\"name\":\"Florian Roth\",\"@id\":\"https:\/\/www.nextron-systems.com\/#\/schema\/person\/4fd503007d60aabaf1ae747502f36919\"},\"headline\":\"Antivirus Event Analysis Cheat Sheet 
v1.11.0\",\"datePublished\":\"2023-01-13T16:39:30+00:00\",\"dateModified\":\"2024-04-12T14:33:26+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.nextron-systems.com\/2023\/01\/13\/antivirus-event-analysis-cheat-sheet-v1-11-0\/\"},\"wordCount\":321,\"publisher\":{\"@id\":\"https:\/\/www.nextron-systems.com\/#organization\"},\"articleSection\":[\"Homepage\",\"Nextron\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.nextron-systems.com\/2023\/01\/13\/antivirus-event-analysis-cheat-sheet-v1-11-0\/\",\"url\":\"https:\/\/www.nextron-systems.com\/2023\/01\/13\/antivirus-event-analysis-cheat-sheet-v1-11-0\/\",\"name\":\"Antivirus Event Analysis Cheat Sheet v1.11.0 - Nextron Systems\",\"isPartOf\":{\"@id\":\"https:\/\/www.nextron-systems.com\/#website\"},\"datePublished\":\"2023-01-13T16:39:30+00:00\",\"dateModified\":\"2024-04-12T14:33:26+00:00\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.nextron-systems.com\/2023\/01\/13\/antivirus-event-analysis-cheat-sheet-v1-11-0\/\"]}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.nextron-systems.com\/#website\",\"url\":\"https:\/\/www.nextron-systems.com\/\",\"name\":\"Nextron Systems\",\"description\":\"We Detect Hackers\",\"publisher\":{\"@id\":\"https:\/\/www.nextron-systems.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.nextron-systems.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.nextron-systems.com\/#organization\",\"name\":\"Nextron Systems 
GmbH\",\"url\":\"https:\/\/www.nextron-systems.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.nextron-systems.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2017\/11\/Nextron_0.2s_inv_symbol_only.png\",\"contentUrl\":\"https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2017\/11\/Nextron_0.2s_inv_symbol_only.png\",\"width\":260,\"height\":260,\"caption\":\"Nextron Systems GmbH\"},\"image\":{\"@id\":\"https:\/\/www.nextron-systems.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.nextron-systems.com\/#\/schema\/person\/4fd503007d60aabaf1ae747502f36919\",\"name\":\"Florian Roth\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.nextron-systems.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/0dfaa838ce5d82e2e7bfa75ed3f43ae5?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/0dfaa838ce5d82e2e7bfa75ed3f43ae5?s=96&d=mm&r=g\",\"caption\":\"Florian Roth\"},\"description\":\"Florian Roth serves as the Head of Research and Development at Nextron Systems. With a background in IT security since 2000, he has delved deep into nation-state cyber attacks since 2012. Florian has developed the THOR Scanner and actively engages with the community via his Twitter handle @cyb3rops. He has contributed to open-source projects, including 'Sigma', a generic SIEM rule format, and 'LOKI', an open-source scanner. Additionally, he has shared valuable resources like a mapping of APT groups and operations and an Antivirus Event Analysis Cheat Sheet.\",\"url\":\"https:\/\/www.nextron-systems.com\/author\/florian\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"Antivirus Event Analysis Cheat Sheet v1.11.0 - Nextron Systems","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.nextron-systems.com\/2023\/01\/13\/antivirus-event-analysis-cheat-sheet-v1-11-0\/","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.nextron-systems.com\/2023\/01\/13\/antivirus-event-analysis-cheat-sheet-v1-11-0\/#article","isPartOf":{"@id":"https:\/\/www.nextron-systems.com\/2023\/01\/13\/antivirus-event-analysis-cheat-sheet-v1-11-0\/"},"author":{"name":"Florian Roth","@id":"https:\/\/www.nextron-systems.com\/#\/schema\/person\/4fd503007d60aabaf1ae747502f36919"},"headline":"Antivirus Event Analysis Cheat Sheet v1.11.0","datePublished":"2023-01-13T16:39:30+00:00","dateModified":"2024-04-12T14:33:26+00:00","mainEntityOfPage":{"@id":"https:\/\/www.nextron-systems.com\/2023\/01\/13\/antivirus-event-analysis-cheat-sheet-v1-11-0\/"},"wordCount":321,"publisher":{"@id":"https:\/\/www.nextron-systems.com\/#organization"},"articleSection":["Homepage","Nextron"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.nextron-systems.com\/2023\/01\/13\/antivirus-event-analysis-cheat-sheet-v1-11-0\/","url":"https:\/\/www.nextron-systems.com\/2023\/01\/13\/antivirus-event-analysis-cheat-sheet-v1-11-0\/","name":"Antivirus Event Analysis Cheat Sheet v1.11.0 - Nextron Systems","isPartOf":{"@id":"https:\/\/www.nextron-systems.com\/#website"},"datePublished":"2023-01-13T16:39:30+00:00","dateModified":"2024-04-12T14:33:26+00:00","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.nextron-systems.com\/2023\/01\/13\/antivirus-event-analysis-cheat-sheet-v1-11-0\/"]}]},{"@type":"WebSite","@id":"https:\/\/www.nextron-systems.com\/#website","url":"https:\/\/www.nextron-systems.com\/","name":"Nextron 
Systems","description":"We Detect Hackers","publisher":{"@id":"https:\/\/www.nextron-systems.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.nextron-systems.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.nextron-systems.com\/#organization","name":"Nextron Systems GmbH","url":"https:\/\/www.nextron-systems.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.nextron-systems.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2017\/11\/Nextron_0.2s_inv_symbol_only.png","contentUrl":"https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2017\/11\/Nextron_0.2s_inv_symbol_only.png","width":260,"height":260,"caption":"Nextron Systems GmbH"},"image":{"@id":"https:\/\/www.nextron-systems.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.nextron-systems.com\/#\/schema\/person\/4fd503007d60aabaf1ae747502f36919","name":"Florian Roth","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.nextron-systems.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/0dfaa838ce5d82e2e7bfa75ed3f43ae5?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/0dfaa838ce5d82e2e7bfa75ed3f43ae5?s=96&d=mm&r=g","caption":"Florian Roth"},"description":"Florian Roth serves as the Head of Research and Development at Nextron Systems. With a background in IT security since 2000, he has delved deep into nation-state cyber attacks since 2012. Florian has developed the THOR Scanner and actively engages with the community via his Twitter handle @cyb3rops. He has contributed to open-source projects, including 'Sigma', a generic SIEM rule format, and 'LOKI', an open-source scanner. 
Additionally, he has shared valuable resources like a mapping of APT groups and operations and an Antivirus Event Analysis Cheat Sheet.","url":"https:\/\/www.nextron-systems.com\/author\/florian\/"}]}},"_links":{"self":[{"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/posts\/15273","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/comments?post=15273"}],"version-history":[{"count":8,"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/posts\/15273\/revisions"}],"predecessor-version":[{"id":15287,"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/posts\/15273\/revisions\/15287"}],"wp:attachment":[{"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/media?parent=15273"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/categories?post=15273"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/tags?post=15273"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
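The post announces new hack-tool and ransomware identifiers for the cheat sheet without showing how such identifiers are used in practice. The block below is an added example, not code from the post, the cheat sheet or the Sigma rules in the referenced pull requests: it applies keyword lists to constructed antivirus events, sorts each detection into a category, and escalates per host. The keyword lists, the `key=value|key=value` log line format, the action strings and the sample events are all assumptions made for this example and are not the cheat sheet's identifier lists.

```python
"""Keyword-based triage of antivirus events (added example).

The keyword lists, log format and action wording below are assumptions for
this example; they are not the cheat sheet's identifiers and not the contents
of the Sigma rules referenced in the post.
"""
import re
from collections import defaultdict
from dataclasses import dataclass

# Assumed, illustrative fragments of AV signature names.  Matching is
# case-insensitive substring matching, so the fragments are kept specific
# enough not to hit unrelated families.
HACKTOOL_KEYWORDS = ("mimikatz", "cobaltstrike", "cobalt strike", "hacktool",
                     "meterpreter", "metasploit", "psexec", "rubeus",
                     "sharphound", "lazagne", "impacket")
RANSOMWARE_KEYWORDS = ("ransom", "filecoder", "cryptor", "wannacry", "lockbit")
WEBSHELL_KEYWORDS = ("webshell", "chopper", "aspxspy", "backdoor:asp",
                     "backdoor:php", "backdoor:jsp")
# Assumed vendor-agnostic action strings meaning the file was NOT neutralised.
UNRESOLVED_ACTIONS = ("detected only", "not remediated", "access denied",
                      "restored", "allowed")
ESCALATE_CATEGORIES = frozenset({"hacktool", "ransomware", "webshell"})

REQUIRED_FIELDS = ("host", "user", "signature", "path", "action")
_FIELD_RE = re.compile(r"(\w+)=([^|]*)")


@dataclass(frozen=True)
class AvEvent:
    host: str
    user: str
    signature: str
    path: str
    action: str


def parse_event(line: str) -> AvEvent:
    """Parse one constructed 'key=value|key=value' AV log line."""
    fields = {k: v.strip() for k, v in _FIELD_RE.findall(line)}
    missing = [f for f in REQUIRED_FIELDS if f not in fields]
    if missing:
        raise ValueError(f"missing {missing} in line: {line!r}")
    return AvEvent(*(fields[f] for f in REQUIRED_FIELDS))


def classify_signature(signature: str) -> str:
    """Map an AV signature name to a triage category via the keyword lists."""
    s = signature.lower()
    for category, keywords in (("ransomware", RANSOMWARE_KEYWORDS),
                               ("hacktool", HACKTOOL_KEYWORDS),
                               ("webshell", WEBSHELL_KEYWORDS)):
        if any(k in s for k in keywords):
            return category
    return "other"


def triage(event: AvEvent) -> str:
    """Return 'escalate' or 'review' for one event.

    Two things drive escalation: the category (hack tools, ransomware and
    webshells point at hands-on-keyboard activity rather than commodity
    malware, so they are escalated even when the AV reports a clean-up) and
    the action (a detection the product did not remove means the file is
    still on disk, whatever the category).
    """
    if classify_signature(event.signature) in ESCALATE_CATEGORIES:
        return "escalate"
    if any(a in event.action.lower() for a in UNRESOLVED_ACTIONS):
        return "escalate"
    return "review"


def triage_log(lines) -> dict:
    """Triage a batch of lines and aggregate per host.

    Aggregation matters because one host with several distinct detections is
    a stronger signal than any single event on its own.
    """
    per_host = defaultdict(list)
    for line in lines:
        if line.strip():
            ev = parse_event(line)
            per_host[ev.host].append((classify_signature(ev.signature), triage(ev)))
    summary = {}
    for host, items in per_host.items():
        summary[host] = {
            "verdict": "escalate" if any(v == "escalate" for _, v in items) else "review",
            "categories": sorted({c for c, _ in items}),
            "events": len(items),
        }
    return summary


# Constructed sample events (not real log data).
SAMPLE_LOG = """\
host=WS01|user=alice|signature=HackTool:Win32/Mimikatz!dha|path=C:\\Users\\alice\\AppData\\Local\\Temp\\mk.exe|action=Quarantined
host=WS01|user=alice|signature=Trojan:Win32/CobaltStrike.A|path=C:\\Windows\\Temp\\beacon.dll|action=Detected only
host=SRV02|user=SYSTEM|signature=Ransom:Win32/Generic.A|path=D:\\Shares\\finance\\readme.txt.locked|action=Not remediated
host=WS03|user=bob|signature=Adware:Win32/Bundler|path=C:\\Users\\bob\\Downloads\\setup.exe|action=Cleaned
host=WEB01|user=IIS APPPOOL\\DefaultAppPool|signature=Backdoor:ASP/Chopper.B|path=C:\\inetpub\\wwwroot\\upload\\x.aspx|action=Quarantined
"""

if __name__ == "__main__":
    for host, info in triage_log(SAMPLE_LOG.splitlines()).items():
        print(f"{host:6} {info['verdict']:9} {info['events']} event(s): {', '.join(info['categories'])}")
```

Running the block prints one line per host; WS01, SRV02 and WEB01 come out as escalations and WS03 (a cleaned adware hit) as a plain review item. The two escalation paths are deliberately independent: a quarantined Mimikatz hit is escalated because of what it is, a generic detection that was only logged is escalated because the file is still there.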