Rule Info
Name: BCKDR_XZUtil_Binary_CVE_2024_3094_Mar24_1
Author: Florian Roth
Description: Detects injected code used by the backdoored XZ library (xzutil) CVE-2024-3094.
Score: 75
Date: 2024-03-30
Minimum Yara: 1.7
Rule Hash: 7180ceb878d428704ad1635bd4f2ba1b
Tags: ['DEMO', 'CVE_2024_3094', 'FILE']
Required Modules: []
Virustotal Matches
Antivirus Verdicts
Rating | Number of Samples
Malicious (>= 10 engines) | 26
Suspicious (< 10 engines) | 5
Clean (0 engines) | 0
Rule Matches
Timestamp | Positives | Total | Hash | VT