1 rule found for "Hancitor"
Detects a process access to verclsid.exe that injects shellcode from a Microsoft Office application / VBA macro