
DNS Query To AzureWebsites.NET By Non-Browser Process

Sigma Rules

Summary
This detection rule identifies DNS queries to the domain 'azurewebsites.net' made by non-browser processes on Windows systems. This is relevant because 'azurewebsites.net' has frequently been leveraged by threat actors for malware hosting and exfiltration. The rule filters out queries made by well-known browser processes, such as Chrome, Firefox, Internet Explorer, Edge, and several others, to home in on potentially malicious activity stemming from atypical processes. A match indicates that a non-browser application is attempting to communicate with a site commonly associated with nefarious activities.
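The logic described above, applied to DNS query events, as an added example that is not the rule's own source. It assumes events with `Image` and `QueryName` fields (as in Sysmon Event ID 22), a shortened browser list, and label-aligned domain matching; the sample events are constructed.

```python
from collections import Counter

TARGET = "azurewebsites.net"
# Assumption: shortened, illustrative browser list; the rule filters more browsers.
BROWSER_EXES = {"chrome.exe", "firefox.exe", "iexplore.exe", "msedge.exe"}


def is_target_domain(query_name: str) -> bool:
    """True for the domain or any subdomain; tolerates case and a trailing dot."""
    name = query_name.strip().rstrip(".").lower()
    return name == TARGET or name.endswith("." + TARGET)


def is_browser(image: str) -> bool:
    """Compare the executable file name of the process image path."""
    exe = image.rsplit("\\", 1)[-1].lower()
    return exe in BROWSER_EXES


def detect(events):
    """Return events where a non-browser process queried the target domain."""
    return [e for e in events
            if is_target_domain(e["QueryName"]) and not is_browser(e["Image"])]


def summarize(hits):
    """Count hits per process image to support triage."""
    return Counter(h["Image"].lower() for h in hits)


PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
# Constructed sample events (not real telemetry).
SAMPLE_EVENTS = [
    {"Image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "QueryName": "portal-demo.azurewebsites.net"},            # browser: filtered
    {"Image": PS, "QueryName": "files-demo.azurewebsites.net"},  # match
    {"Image": r"C:\Windows\System32\rundll32.exe",
     "QueryName": "API-Demo.AzureWebsites.NET."},              # match (case, dot)
    {"Image": PS, "QueryName": "azurewebsites.net.example.com"},  # other domain
    {"Image": r"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe",
     "QueryName": "azurewebsites.net"},                        # browser: filtered
    {"Image": PS.replace("powershell", "PowerShell"),
     "QueryName": "files-demo.azurewebsites.net"},             # match
]

if __name__ == "__main__":
    for image, count in summarize(detect(SAMPLE_EVENTS)).most_common():
        print(count, image)
```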
Categories
  • Network
  • Endpoint
  • Windows
Data Sources
  • Process
  • Network Traffic
  • Logon Session
Created: 2024-06-24