Update APT_Carbanak.yar

04c8297f · mmorenog · GitHub · 37cd8e2e · 04c8297f
Commit 04c8297f authored Jul 20, 2016 by mmorenog Committed by GitHub Jul 20, 2016
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 3 deletions

APT_Carbanak.yar malware/APT_Carbanak.yar +3 -3

No files found.
--- a/malware/APT_Carbanak.yar
+++ b/malware/APT_Carbanak.yar
@@ -11,7 +11,7 @@
 /* Rule Set ----------------------------------------------------------------- */
-rule Carbanak_0915_1 {
+rule Carbanak_0915_1 : APT {
 	meta:
 		description = "Carbanak Malware"
 		author = "Florian Roth"
@@ -25,7 +25,7 @@ rule Carbanak_0915_1 {
 		uint16(0) == 0x5a4d and filesize < 100KB and 1 of them
 }
-rule Carbanak_0915_2 {
+rule Carbanak_0915_2 : APT {
 	meta:
 		description = "Carbanak Malware"
 		author = "Florian Roth"
@@ -46,7 +46,7 @@ rule Carbanak_0915_2 {
 		uint16(0) == 0x5a4d and filesize < 500KB and ( $x1 or all of ($s*) )
 }
-rule Carbanak_0915_3 {
+rule Carbanak_0915_3 : APT {
 	meta:
 		description = "Carbanak Malware"
 		author = "Florian Roth"