valitydev/signature-base
14
0
Fork 0
mirror of https://github.com/valitydev/signature-base.git synced 2024-11-06 18:15:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Added hashes to rule

Browse Source
This commit is contained in:
Florian Roth 2017-06-28 08:34:56 +02:00
parent 6a256ba5c6
commit 77299ec82d
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
yara/crime_nopetya_jun17.yar
View File

@ -16,6 +16,8 @@ rule NotPetya_Ransomware_Jun17 {
reference = "https://goo.gl/h6iaGj"
date = "2017-06-27"
hash1 = "027cc450ef5f8c5f653329641ec1fed91f694e0d229928963b30f6b0d7d3a745"
hash2 = "45ef8d53a5a2011e615f60b058768c44c74e5190fefd790ca95cf035d9e1d5e0"
hash3 = "64b0b58a2c030c77fdb2b537b2fcc4af432bc55ffb36599a31d418c7c69e94b1"
strings:
$x1 = "Ooops, your important files are encrypted." fullword wide ascii
$x2 = "process call create \"C:\\Windows\\System32\\rundll32.exe \\\"C:\\Windows\\%s\\\" #1 " fullword wide