Intel Name: File in suspicious location encoded to base64 via certutil.exe
Date of Scan: January 9, 2025
Impact: High
Summary: Detects the execution of certutil with the “encode” flag to convert a file to Base64, targeting files located in potentially suspicious directories.