Antivirus Event Analysis Cheat Sheet v1.12.0

by Jan 20, 2023

We’ve updated our Antivirus Event Analysis Cheat Sheet to version 1.12.0.

  • It includes updates in several sections
  • New signatures for PUA like FRP and Adfind
  • Signature strings have been sorted alphabetically (not shown in the screenshot below)

You can download the new version here.

Tip: to always find the newest version of the cheat sheet, use this search query.

Visualised changes:

About the author:

Florian Roth

Florian Roth serves as the Head of Research and Development at Nextron Systems. With a background in IT security since 2000, he has delved deep into nation-state cyber attacks since 2012. Florian has developed the THOR Scanner and actively engages with the community via his Twitter handle @cyb3rops. He has contributed to open-source projects, including 'Sigma', a generic SIEM rule format, and 'LOKI', an open-source scanner. Additionally, he has shared valuable resources like a mapping of APT groups and operations and an Antivirus Event Analysis Cheat Sheet.
