8fa641c454c3e0f76de73b7cc3446096b9c8b9d33d406d38b8ac76090b0344fd

Yara Rule - 백도어 XZ 라이브러리 (Xzutil) CVE-2024-3094에서 사용하는 주입 된 코드를 감지 관련 IOC 6개 발견

Yara 정의.

Neo23x0
Yara Rule - Detects injected code used by the backdoored XZ library (xzutil) CVE-2024-3094.

Yara definition.
https://github.com/Neo23x0/signature-base/commit/ceee785df7f86adb259a6c94b1a16c7a5370f2f6