
Summary
This detection rule monitors and alerts on antivirus-generated events that are classified as ransomware threats. Although an antivirus (AV) product may successfully block a ransomware attempt, it is crucial to investigate the origin and method of the attack to prevent future incidents. The rule matches specific keywords associated with known ransomware signatures and highlights instances where the AV software detects these signatures. The focus is on understanding the attack vector to enhance overall cybersecurity defenses.
Categories
- Endpoint
- Windows
- Linux
- macOS
Data Sources
- Malware Repository
- Application Log
- Script
Created: 2022-05-12