Product
This rule identifies renamed Automation Script Interpreter processes, often used by malware written in AutoIt/AutoHotKey to evade detection by renaming the executable.