EXPL_Log4j_CVE_2021_44228_JAVA_Exception_Dec21_1

Rule Info

Score: 60
Name: EXPL_Log4j_CVE_2021_44228_JAVA_Exception_Dec21_1
Description: Detects exceptions found in server logs that indicate an exploitation attempt of CVE-2021-44228
Av Ratio: 0.0
Author: Florian Roth
Tags: ['DEMO', 'EXPLOIT', 'CVE_2021_44228']
Rule Hash: 99418a995017234d54a0f00d8eb5328e
Minimum Yara: 1.7
Date: 2021-12-12
Required Modules: []

Antivirus Verdicts

Number of samples by rating:
Malicious (>= 10 engines): 0
Suspicious (< 10 engines): 0
Clean (0 engines): 9

Rule Matches


Rule Matches per Month (last 24 months)