Rule Library
Sigma Rules
2 rules found for "CVE-2023-38831"
3,731 Total
3,132 Detection
457 Emerging
139 Hunting
Emerging Threat | high | test
CVE-2023-38331 Exploitation Attempt - Suspicious Double Extension File
Detects the creation of a file with a double extension and a space by WinRAR. This could be a sign of exploitation of CVE-2023-38331.
Windows | File Event
Nasreddine Bencherchali (Nextron Systems) | Wed Aug 30 2023
Emerging Threat | high | test
CVE-2023-38331 Exploitation Attempt - Suspicious WinRAR Child Process
Detects exploitation attempt of CVE-2023-38331 (WinRAR before v6.23), where an attacker can leverage WinRAR to execute arbitrary commands and binaries.
Windows | Process Creation
Nasreddine Bencherchali (Nextron Systems) +1 | Wed Aug 30 2023