Yara Rule - Moveit DMZ Web API 로그에서 발견 된 잠재적 감염 지표를 감지

Yara Rule - Moveit DMZ Web API 로그에서 발견 된 잠재적 감염 지표를 감지

Yara 정의.

Yara Rule - Detects a potential compromise indicator found in MOVEit DMZ Web API logs

Yara definition.

Author: Nasreddine Bencherchali

https://attackerkb.com/topics/mXmV0YpC3W/cve-2023-34362/rapid7-analysis

date = "2023-06-13"
score = 70
$s1 = "TargetInvocationException" ascii
$s2 = "MOVEit.DMZ.Application.Folders.ResumableUploadFilePartHandler.DeserializeFileUploadStream" ascii```


[https://github.com/Neo23x0/signature-base/commit/55d955fb558958e12422b63a63fe4472fc2996f1](https://github.com/Neo23x0/signature-base/commit/55d955fb558958e12422b63a63fe4472fc2996f1)