MalwareBazaar Database
This page shows some basic information the YARA rule Susp_PowerShell_Sep17_2_RID2FA0 including corresponding malware samples.
Database Entry
| YARA Rule: | Susp_PowerShell_Sep17_2_RID2FA0 |
|---|---|
| Author: | Florian Roth |
| Description: | Detects suspicious PowerShell script in combo with VBS or JS |
| Firstseen: | 2022-01-24 12:54:07 UTC |
| Lastseen: | 2026-02-22 18:16:53 UTC |
| Sightings: | 23 |
Malware Samples
The table below shows all malware samples that matching this particular YARA rule (max 1000).
| Firstseen (UTC) | SHA256 hash | Tags | Signature | Reporter |
|---|