valitydev/signature-base
14
0
Fork 0
mirror of https://github.com/valitydev/signature-base.git synced 2024-11-07 02:25:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,105 Commits 2 Branches 1 Tag 33 MiB
5a04c92856
Commit Graph

4 Commits

Author SHA1 Message Date
Florian Roth
5a04c92856 fix: false positive reduction 2020-02-13 09:18:18 +01:00
Florian Roth
24db0fe709 fix: FPs with gen_malware_MacOS_plist_suspicious 2020-02-07 16:56:23 +01:00
Florian Roth
f73324aa1a Minor adjustments in gen_malware_MacOS_plist_suspicious rule 2018-12-16 10:10:42 +01:00
John Lambert
bd8185482f
Detect suspicious MacOS launch agent config files 
plist files contain configuration for user-specific background jobs in OSX. Malware abuses this feature for persistence. Coin miners have been seen to use this feature as well.
 2018-12-14 13:55:31 -08:00