SUSP_Encoded_Follina_CVE_2022_30190_Payloads_Jun22

Rule Info

Av Ratio: 0
Score: 70
Name: SUSP_Encoded_Follina_CVE_2022_30190_Payloads_Jun22
Minimum Yara: 1.7
Required Modules: []
Description: Detects encoded Follina payloads
Reference: Internal Research - Permutator
Date: 2022-06-07
Tags: ['SCRIPT', 'SUSP', 'T1027', 'CVE_2022_30190', 'EXPLOIT']
Rule Hash: 09c7246f290dd481390863d771b70e00
Author: Florian Roth

Antivirus Verdicts

Rating: Number of Samples
Malicious (>= 10 engines): 1
Suspicious (< 10 engines): 0
Clean (0 engines): 0

Rule Matches

Positives: 12
Hash: acaff7600794155a65c7d5b4ebda479c0624e5d9bf447804107c675c0450e406
Total: 56
Timestamp: 2022-06-08 17:13:11

Rule Matches per Month (last 24 months)