PUA - Mouse Lock Execution

Summary
This detection rule identifies execution of the Mouse Lock application, which has been reported as misused in malware incidents for credential access and information collection. The rule is based on Kaspersky's 2020 Incident Response Analyst Report, which highlights how a legitimate tool such as Mouse Lock can be used by attackers for malicious purposes. Detection operates on process creation events, looking for instances where Mouse Lock appears in the product or command-line attributes, alongside checks for the company name 'Misc314', which is associated with the application. Legitimate use of Mouse Lock can produce false positives, so an alert needs additional context for accurate threat assessment. The rule is rated medium severity, indicating a moderate degree of concern when triggered.
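The matching described in the summary, applied to Sysmon process creation events (Event ID 1), as an added example that is not the rule's own source. The OR combination of the three checks, the Sysmon field names, and the sample events (all constructed) are assumptions.

```python
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

# Assumed field -> substring pairs taken from the summary.
# Sigma "contains" matching is case-insensitive, so needles are lowercase.
INDICATORS = {"Product": "mouse lock", "Company": "misc314", "CommandLine": "mouse lock"}


def parse_event(xml_text):
    """Return (event_id, {Data Name: value}) for one Sysmon event."""
    root = ET.fromstring(xml_text)
    event_id = int(root.findtext("e:System/e:EventID", namespaces=NS))
    data = {d.get("Name"): (d.text or "") for d in root.findall("e:EventData/e:Data", NS)}
    return event_id, data


def match_mouse_lock(xml_text):
    """Return the sorted field names that matched; an empty list means no alert."""
    event_id, data = parse_event(xml_text)
    if event_id != 1:  # the rule covers process creation only
        return []
    # A field absent from the event is treated as empty rather than raising.
    return sorted(f for f, needle in INDICATORS.items() if needle in data.get(f, "").lower())


def _event(event_id, **fields):
    """Build a minimal Sysmon-shaped event (constructed sample data)."""
    data = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in fields.items())
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>{event_id}</EventID></System>'
            f"<EventData>{data}</EventData></Event>")


# Constructed samples: full PE metadata, metadata absent (Sysmon logs "-"), unrelated process.
SAMPLES = {
    "metadata": _event(1, Image=r"C:\Tools\MouseLock.exe", CommandLine=r"C:\Tools\MouseLock.exe",
                       Product="Mouse Lock", Company="Misc314"),
    "cmdline_only": _event(1, Image=r"C:\Users\Public\Mouse Lock_v2.exe",
                           CommandLine=r"C:\Users\Public\Mouse Lock_v2.exe",
                           Product="-", Company="-"),
    "unrelated": _event(1, Image=r"C:\Windows\System32\notepad.exe",
                        CommandLine="notepad.exe", Product="Microsoft Windows",
                        Company="Microsoft Corporation"),
}

if __name__ == "__main__":
    for name, xml_text in SAMPLES.items():
        print(name, match_mouse_lock(xml_text))
```

Returning the matched field names gives the analyst the context the summary calls for: a hit on Product and Company alone shows only that the binary ran, so the parent process and user still need review before the alert is treated as malicious.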
Categories
  • Endpoint
  • Windows
Data Sources
  • Process
  • Application Log
Created: 2020-08-13