valitydev/signature-base
14
0
Fork 0
mirror of https://github.com/valitydev/signature-base.git synced 2024-11-06 10:05:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix: FPs with rule on memory

Browse Source
This commit is contained in:
Florian Roth 2020-05-05 19:47:48 +02:00
parent b0d1cfd4da
commit e808fb867e
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
vendor/yara/airbnb_binaryalert.yar vendored
View File

@ -468,6 +468,7 @@ rule hacktool_windows_ncc_wmicmd
description = "Command shell wrapper for WMI" description = "Command shell wrapper for WMI"
reference = "https://github.com/nccgroup/WMIcmd" reference = "https://github.com/nccgroup/WMIcmd"
author = "@mimeframe" author = "@mimeframe"
type = "file"
strings: strings:
$a1 = "Need to specify a username, domain and password for non local connections" wide ascii $a1 = "Need to specify a username, domain and password for non local connections" wide ascii
$a2 = "WS-Management is running on the remote host" wide ascii $a2 = "WS-Management is running on the remote host" wide ascii