EXPL_Log4j_CVE_2021_44228_JAVA_Exception_Dec21_1

Rule Info

Av Ratio: 1.38
Score: 60
Name: EXPL_Log4j_CVE_2021_44228_JAVA_Exception_Dec21_1
Minimum Yara: 1.7
Required Modules: []
Description: Detects exceptions found in server logs that indicate an exploitation attempt of CVE-2021-44228
Date: 2021-12-12
Tags: ['EXPLOIT', 'CVE_2021_44228', 'DEMO']
Rule Hash: 99418a995017234d54a0f00d8eb5328e
Author: Florian Roth

Antivirus Verdicts

Rating | Number of Samples
Malicious (>= 10 engines) | 0
Suspicious (< 10 engines) | 3
Clean (0 engines) | 11

Rule Matches

Positives | Hash | Total | Timestamp | VT

Rule Matches per Month (last 24 months)