
Summary
This detection rule identifies execution of "jsc.exe" (the JScript Compiler) on Windows systems. Attackers can abuse the JScript Compiler to compile JScript files dynamically, potentially allowing them to execute arbitrary code and bypass application whitelisting mechanisms. Legitimate developers may use jsc.exe to compile their scripts, but the same behavior can signal malicious activity when it occurs unexpectedly or without proper context. The rule is implemented over process creation logs and matches events where the process image ends with \jsc.exe or where the original file name is recorded as jsc.exe, indicating potential misuse of this tool for defense evasion and exploitation.
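The matching logic described above, applied to process creation events, as an added example that is not the rule's own source. The Sysmon-style field names (Image, OriginalFileName, CommandLine, ParentImage, Computer), the case-insensitive comparison, the "renamed" triage flag and every sample event are assumptions constructed for illustration.

```python
import ntpath


def matches_jsc_rule(event):
    """True if the image path ends with \\jsc.exe or the original file name is jsc.exe."""
    image = (event.get("Image") or "").lower()
    original = (event.get("OriginalFileName") or "").lower()
    return image.endswith("\\jsc.exe") or original == "jsc.exe"


def triage(events):
    """Return matching events with the context an analyst needs to judge them."""
    hits = []
    for ev in events:
        if not matches_jsc_rule(ev):
            continue
        on_disk_name = ntpath.basename(ev.get("Image") or "").lower()
        hits.append({
            "host": ev.get("Computer"),
            "image": ev.get("Image"),
            "command_line": ev.get("CommandLine"),
            "parent": ev.get("ParentImage"),
            # Matched only through OriginalFileName: the binary runs under another name.
            "renamed": on_disk_name != "jsc.exe",
        })
    return hits


# Constructed sample events (not taken from real telemetry).
SAMPLE_EVENTS = [
    {"Computer": "DEV-01", "OriginalFileName": "jsc.exe",
     "Image": r"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\jsc.exe",
     "CommandLine": "jsc.exe app.js", "ParentImage": r"C:\Windows\System32\cmd.exe"},
    {"Computer": "WS-17", "OriginalFileName": "jsc.exe",
     "Image": r"C:\Users\Public\notes.exe",
     "CommandLine": "notes.exe report.js", "ParentImage": r"C:\Windows\System32\wscript.exe"},
    # Upper-case path and no OriginalFileName field: still matched on the image path.
    {"Computer": "WS-22", "OriginalFileName": None,
     "Image": r"C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V4.0.30319\JSC.EXE",
     "CommandLine": "JSC.EXE a.js", "ParentImage": r"C:\Windows\explorer.exe"},
    # File name merely ends in "jsc.exe"; without the leading backslash it is not a match.
    {"Computer": "WS-30", "OriginalFileName": "notjsc.exe",
     "Image": r"C:\Tools\notjsc.exe",
     "CommandLine": "notjsc.exe", "ParentImage": r"C:\Windows\explorer.exe"},
]

if __name__ == "__main__":
    for hit in triage(SAMPLE_EVENTS):
        print(hit)
```

The host, parent process and command line returned with each hit are what separates an expected developer build from the unexpected use the rule is meant to surface.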
Categories
- Windows
- Endpoint
Data Sources
- Process
Created: 2022-05-02