cuckoosandbox / community

Repository of modules and signatures contributed by the community

Adding processes to the antisandbox_sleep safelist #486

Closed cccs-kevin closed 2 years ago

cccs-kevin commented 3 years ago

Through analyzing thousands of benign and malicious submissions, this process is created by all Office files and hits a nearly 100% false-positive rate unless it is safelisted.

Regarding PowerShell, out of all the samples analyzed, approximately 10% of samples raise this signature, and 100% of the samples that raise this signature are benign.

Regarding Outlook, out of all the samples analyzed, approximately 100% of benign samples raised this signature.