|
|||
Rule General Information |
---|
Release Date: | 2021-05-08 | |
Rule Name: | Tool Magic Unicorn Detected | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | Magic Unicorn is a tool that converts shellcode into powershell commands, supports original powershell, hta, macro and other execution methods, and supports AMSI bypass. | |
Impact: | An attacker could exploit this vulnerability to have unspecified effect. | |
Affected OS: | Windows | |
Reference: | ||
Solutions |
---|
Disable Microsoft Office untrusted macro execution. Do not execute untrusted hta file. |