The purpose to provide the possibility to quickly identify potentially injection of webshells like hafnium. Detect malicious code on Exchange Server which could compromise the system, this after exploitation of Hafnium webshell injection.
Run on Exchange Server Verion 2013/2016/2019 to Detect Hafnium webshells are present: