MalwareBazaar Database
This page shows some basic information the YARA rule SUSP_Doc_WordXMLRels_May22 including corresponding malware samples.
Database Entry
| YARA Rule: | SUSP_Doc_WordXMLRels_May22 |
|---|---|
| Author: | Tobias Michalski, Christian Burkard, Wojciech Cieślak |
| Description: | Detects a suspicious pattern in docx document.xml.rels file as seen in CVE-2022-30190 |
| Firstseen: | 2022-06-16 11:27:52 UTC |
| Lastseen: | 2026-02-22 18:14:59 UTC |
| Sightings: | 5 |
Malware Samples
The table below shows all malware samples that matching this particular YARA rule (max 1000).
| Firstseen (UTC) | SHA256 hash | Tags | Signature | Reporter |
|---|