valitydev/signature-base
14
0
Fork 0
mirror of https://github.com/valitydev/signature-base.git synced 2024-11-07 02:25:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Renamed Rule

Browse Source
This commit is contained in:
Florian Roth 2016-08-01 16:57:58 +02:00
parent 2db411300f
commit 630db83081
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
yara/gen_cn_hacktools.yar
View File

@ -2439,7 +2439,7 @@ rule kiwi_tools {
uint16(0) == 0x5a4d and filesize < 1000KB and all of them
}
rule _kappfree_kelloworld_KiwiCmd_KiwiRegedit_KiwiTaskmgr_klock_mimikatz_sekurlsa_kappfree_kelloworld_KiwiCmd_KiwiRegedit_KiwiTaskmg {
rule kiwi_tools_gentil_kiwi {
meta:
description = "Chinese Hacktool Set - from files kappfree.dll, kelloworld.dll, KiwiCmd.exe, KiwiRegedit.exe, KiwiTaskmgr.exe, klock.dll, mimikatz.exe, sekurlsa.dll, kappfree.dll, kelloworld.dll, KiwiCmd.exe, KiwiRegedit.exe, KiwiTaskmgr.exe, klock.dll, mimikatz.exe, sekurlsa.dll"
author = "Florian Roth"