Vendor
The rule detects potential exploitation of the Foxmail email client on Windows systems, where successful exploitation allows for initial access and execution of arbitrary code.