Think you have a false positive on this rule?

Sid 1-51518

Message

MALWARE-OTHER Html.Downloader.Agent download attempt

Summary

This event is generated where there is an attempt to download a malicious HTML file.

Impact

Attempted User Privilege Gain

Detailed information

The file will generate download of a Word doc that will run malicious VBA code.

Affected systems

  • Microsoft Windows

Ease of attack

False positives

None known.

False negatives

None known.

Corrective action

Contributors

  • Cisco Talos Intelligence Group

Additional References

  • virustotal.com/gui/file/82403adf3eee1096fc995666e26e112dc0896fe27c85abf20cc02949ddc90011/detection