Yara Rule - Detects decrypted payload loaded inside 3CXDesktopApp.exe which downloads info stealer (12 related IOCs found)
Yara definition.
Neo23x0
https://github.com/Neo23x0/signature-base/commit/90edf2d71377a3bb0b891b687d935a956f1c4338