Think you have a false positive on this rule?

Sid 1-51519

Message

MALWARE-OTHER Html.Downloader.Agent download attempt

Summary

This event is generated where there is an attempt to download a malicious HTML file.

Impact

Attempted User Privilege Gain

Detailed information

The file will generate download of a Word doc that will run malicious VBA code.

Affected systems

  • Microsoft Windows

Ease of attack

False positives

None known.

False negatives

None known.

Corrective action

Contributors

  • Cisco Talos Intelligence Group

Additional References

  • virustotal.com/gui/file/46cd339977946f4d3796b1279cd27f857d840ff66001c0497cdc8b57ca4d2cad/detection