
Rule Info
Av Ratio: 1.73
Score: 65
Name: SUSP_HKTL_YsoSerial_Payload_Indicator_May22_2
Minimum Yara: 1.7
Required Modules: []
Description: Detects an encoded ysoserial.net payload
Date: 2022-05-03
Tags: ['HKTL', 'SUSP', 'T1203', 'T1193']
Rule Hash: 27a3dc6dd28b5f3f4f6889888ec66788
Author: Paul Hager

Antivirus Verdicts
Rating | Number of Samples
Malicious (>= 10 engines) | 2
Suspicious (< 10 engines) | 11
Clean (0 engines) | 22

Rule Matches
Positives | Hash | Total | Timestamp | VT