Arbitrary File Download Via IMEWDBLD.EXE

Rule Info

Name
Arbitrary File Download Via IMEWDBLD.EXE
Author
Swachchhanda Shrawan Poudel
Description
Detects usage of "IMEWDBLD.exe" to download arbitrary files
Date
2023-11-09 00:00:00
Modified
None
Id
863218bd-c7d0-4c52-80cd-0a96c09f54af
Tags
attack.defense-evasion attack.execution attack.t1218 DEMO
Type
Community Rule

Rule History

Author
Title
Date
Commit
Nasreddine Bencherchali
Merge PR #4950 from @nasbench - Comply With v2 Spec Changes
2024-08-12
Swachchhanda Shrawan Poudel
Merge PR #4557 from @swachchhanda000 - Multiple Rule Updates & New Rules
2023-11-14