Cbeef92e67bf41ca9c015557d81f39adaba67ca9fb3574139754999030b83537

Yara Rule - 백도어 XZ 라이브러리 (Xzutil) CVE-2024-3094에서 사용하는 주입 된 코드를 감지 관련 IOC 6개 발견

Yara 정의.

Neo23x0
Yara Rule - Detects injected code used by the backdoored XZ library (xzutil) CVE-2024-3094.

Yara definition.
https://github.com/Neo23x0/signature-base/commit/ceee785df7f86adb259a6c94b1a16c7a5370f2f6