Yara Rule - Moveit DMZ Web API 로그에서 발견 된 잠재적 감염 지표를 감지
Yara 정의.
Yara Rule - Detects a potential compromise indicator found in MOVEit DMZ Web API logs
Yara definition.
Author: Nasreddine Bencherchali
https://attackerkb.com/topics/mXmV0YpC3W/cve-2023-34362/rapid7-analysis
date = "2023-06-13"
score = 70
$s1 = "TargetInvocationException" ascii
$s2 = "MOVEit.DMZ.Application.Folders.ResumableUploadFilePartHandler.DeserializeFileUploadStream" ascii```
[https://github.com/Neo23x0/signature-base/commit/62d1b9de3dc9dac9fa0d7c59d74d93a55527d6d6](https://github.com/Neo23x0/signature-base/commit/62d1b9de3dc9dac9fa0d7c59d74d93a55527d6d6)