
Rule Info
Tags
attack.defense_evasion DEMO
Name
Potentially Suspicious File Download From ZIP TLD
Id
0bb4bbeb-fe52-4044-b40c-430a04577ebe
Date
2023-05-18 00:00:00
Modified
None
Description
Detects the download of a file with a potentially suspicious extension from a .zip top-level domain.
Author
Florian Roth (Nextron Systems)
Type
Community Rule
Link to Public Repo