
Summary
This detection rule identifies the use of homoglyph characters in filenames, a means of obfuscation and masquerading in potential cyber attacks. Homoglyphs are Unicode characters that look identical or very similar to ASCII letters but are in fact different code points representing different glyphs. The rule looks for both uppercase and lowercase homoglyphs that are visually indistinguishable from specific ASCII characters. Such obfuscation can mislead users and security software, letting attackers give harmful files deceptively benign-looking names. The detection focuses on a predefined set of Unicode characters known to be effective for this purpose, so that only the most relevant homoglyphs are flagged. This matters as attackers grow more sophisticated in their evasion techniques and use these methods to disguise harmful files as benign. The rule supports broader efforts to mitigate the attack techniques classified under technique T1036 and its sub-techniques, which belong to the Defense Evasion tactic.
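To show how this kind of check works in practice, the following is an added Python example, not the rule's own logic or its exact character list: it scans constructed file-creation events for a small, illustrative set of Cyrillic and Greek lookalikes and reports each hit with its code point and the ASCII name a user would perceive.

```python
# Constructed mapping of Unicode homoglyphs to the ASCII letters they
# imitate. This is an illustrative subset, not the rule's exact list.
HOMOGLYPHS = {
    # Cyrillic uppercase
    "\u0410": "A", "\u0412": "B", "\u0415": "E", "\u041a": "K", "\u041c": "M",
    "\u041d": "H", "\u041e": "O", "\u0420": "P", "\u0421": "C", "\u0422": "T",
    "\u0425": "X",
    # Cyrillic lowercase
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
    "\u0443": "y", "\u0445": "x",
    # Greek uppercase
    "\u0391": "A", "\u0392": "B", "\u0395": "E", "\u0397": "H", "\u039a": "K",
    "\u039c": "M", "\u039d": "N", "\u039f": "O", "\u03a1": "P", "\u03a4": "T",
    "\u03a7": "X",
}

def find_homoglyphs(filename):
    """Return (position, char, code point, ASCII lookalike) for each hit."""
    return [
        (i, ch, f"U+{ord(ch):04X}", HOMOGLYPHS[ch])
        for i, ch in enumerate(filename)
        if ch in HOMOGLYPHS
    ]

def perceived_name(filename):
    """The filename as a user would read it, homoglyphs folded to ASCII."""
    return "".join(HOMOGLYPHS.get(ch, ch) for ch in filename)

def scan_events(events):
    """Run the check over file-event records and return alert details."""
    alerts = []
    for ev in events:
        hits = find_homoglyphs(ev["TargetFilename"])
        if hits:
            alerts.append({
                "file": ev["TargetFilename"],
                "looks_like": perceived_name(ev["TargetFilename"]),
                "hits": hits,
            })
    return alerts

# Constructed sample file-creation events (Sysmon-style field name).
SAMPLE_EVENTS = [
    {"TargetFilename": r"C:\Users\alice\Downloads\invoice.pdf.exe"},
    {"TargetFilename": "C:\\Users\\alice\\Downloads\\inv\u043eice.pdf.exe"},  # Cyrillic o
    {"TargetFilename": "C:\\Temp\\\u0421hrome_update.exe"},  # Cyrillic Es
    {"TargetFilename": r"C:\Temp\señor.txt"},  # non-ASCII, but not a lookalike
]
```

Only the two names containing mapped lookalikes produce alerts; plain ASCII names and ordinary accented characters pass, which is what keeps a predefined-set approach low on false positives.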
Categories
- Endpoint
- Windows
- Application
Data Sources
- File
Created: 2023-05-08