MalwareBazaar Database
This page shows some basic information the YARA rule SUSP_RTF_with_potential_CVE_2026_21509_exploit_nows including corresponding malware samples.
Database Entry
| YARA Rule: | SUSP_RTF_with_potential_CVE_2026_21509_exploit_nows |
|---|---|
| Author: | Philippe Lagadec |
| Description: | Detects RTF files containing a Shell.Explorer.1 OLE object, possibly an exploit for CVE-2026-21509 |
| Firstseen: | 2026-02-05 10:09:10 UTC |
| Lastseen: | 2026-02-20 10:06:31 UTC |
| Sightings: | 5 |
Malware Samples
The table below shows all malware samples that matching this particular YARA rule (max 1000).
| Firstseen (UTC) | SHA256 hash | Tags | Signature | Reporter |
|---|