admin/APT_REPORT
1
0
Fork 0
mirror of https://github.com/blackorbird/APT_REPORT.git synced 2025-06-22 02:40:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create apt_ZZ_Naikon_codebase.yar

Browse Source
This commit is contained in:
blackorbird 2020-05-11 21:54:25 +08:00 committed by GitHub
parent fa3fbe0e75
commit b9f598ded4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
nazar/apt_ZZ_Naikon_codebase.yar Normal file
View File

@ -0,0 +1,19 @@
rule apt_ZZ_Naikon_codebase : Naikon
{
meta:
report = "Naikon New AR Backdoor Deployment to Southeast Asia"
description = "Naikon typo"
author = "Kaspersky"
copyright = "Kaspersky"
version = "1.0"
date = "2018-06-28"
last_modified = "2018-06-28"
strings:
$a1 = "Create Directroy [%s] Failed:%d" wide
condition:
uint16(0) == 0x5A4D and
filesize < 450000 and
$a1
}