Rule Info
Name
APT_MAL_ASP_DLL_HAFNIUM_Mar21_1
Author
Florian Roth
Description
Detects HAFNIUM compiled ASP.NET DLLs dropped on compromised servers
Score
65
Date
2021-03-05
Minimum Yara
1.7
Rule Hash
acba155aa003f9407d91f93955bf4e4f
Tags
['FILE', 'G0125', 'DEMO', 'MAL', 'APT', 'EXE']
Required Modules
[]
Antivirus Verdicts
Rating
Number of Samples
Malicious (>= 10 engines)
12
Suspicious (< 10 engines)
21
Clean (0 engines)
1
Rule Matches
Timestamp
Positives
Total
Hash
VT