Yara Rule - MoveIT 전송 로그에있는 가능한 감염 지표를 감지
Yara 정의.
Yara Rule - Detects a possible compromise indicator found in MOVEit Transfer logs
Yara definition.
Author: Florian Roth
https://www.huntress.com/blog/moveit-transfer-critical-vulnerability-rapid-response
date = "2023-06-01"
score = 70
$x1 = "POST /moveitisapi/moveitisapi.dll action=m2 " ascii```
[https://github.com/Neo23x0/signature-base/commit/ed346f9f4552375441447c225df2446ad55d3a9c](https://github.com/Neo23x0/signature-base/commit/ed346f9f4552375441447c225df2446ad55d3a9c)