
Rule Info
Tags: ['SUSP', 'T1027', 'CVE_2022_30190', 'SCRIPT']
Description: Detects encoded Follina payloads
Required Modules: []
Date: 2022-06-07
Score: 70
Author: Florian Roth
Name: SUSP_Encoded_Follina_CVE_2022_30190_Payloads_Jun22
Rule Hash: 09c7246f290dd481390863d771b70e00
Reference: Internal Research - Permutator
Minimum Yara: 1.7
Antivirus Verdicts
Rating: Number of Samples
Malicious (>= 10 engines): 2
Suspicious (< 10 engines): 0
Clean (0 engines): 1
Rule Matches
Total
Positives
Timestamp
Hash
VT