Identified Download Of Suspicious SCT File Over HTTP

Microsoft enables scripts that are embedded in an HTML document or in a Windows Scripting Host file to access COM+ objects. An attacker can create COM+ objects in script code stored in an Extensible Markup Language (XML) files, such files are called 'scriptlets' to execute command on the remote host. This is a heuristic based rule which identifies the download of such 'scriptlets' files over HTTP.