Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
R
rules
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
fact-depend
rules
Commits
0e7465cd
Commit
0e7465cd
authored
Jan 19, 2016
by
mmorenog
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Update THOR_HackTools.yar
parent
fc0825cb
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
0 additions
and
15 deletions
+0
-15
THOR_HackTools.yar
malware/THOR_HackTools.yar
+0
-15
No files found.
malware/THOR_HackTools.yar
View file @
0e7465cd
...
...
@@ -116,21 +116,6 @@ rule HackTool_Samples {
1 of them
}
rule HackTool_Producers {
meta: description = "Hacktool Producers String" threat_level = 5 score = 50
strings:
$a1 = "www.oxid.it"
$a2 = "www.analogx.com"
$a3 = "ntsecurity.nu"
$a4 = "gentilkiwi.com"
$a6 = "Marcus Murray"
condition:
1 of ($a*) and
not extension contains ".ini" and
not extension contains ".xml" and
not extension contains ".sqlite"
}
/* Disclosed hack tool set */
rule Fierce2
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
