Update APT_Poseidon_Group.yar

50535512 · Marc Rivero López · GitHub · 0d2a516d · 50535512
Commit 50535512 authored Jan 23, 2017 by Marc Rivero López Committed by GitHub Jan 23, 2017
Show whitespace changes
Inline Side-by-side

Showing with 0 additions and 3 deletions

APT_Poseidon_Group.yar malware/APT_Poseidon_Group.yar +0 -3

No files found.
--- a/malware/APT_Poseidon_Group.yar
+++ b/malware/APT_Poseidon_Group.yar
@@ -26,7 +26,6 @@ rule PoseidonGroup_Malware
        hash5 = "d090b1d77e91848b1e2f5690b54360bbbd7ef808d017304389b90a0f8423367f"
        hash6 = "d7c8b47a0d0a9181fb993f17e165d75a6be8cf11812d3baf7cf11d085e21d4fb"
        hash7 = "ded0ee29af97496f27d810f6c16d78a3031d8c2193d5d2a87355f3e3ca58f9b3"
-        maltype = "apt"

    strings:
        $s1 = "c:\\winnt\\system32\\cmd.exe" fullword ascii
@@ -62,7 +61,6 @@ rule PoseidonGroup_MalDoc_1
        date = "2016-02-09"
        score = 80
        hash = "0983526d7f0640e5765ded6be6c9e64869172a02c20023f8a006396ff358999b"
-        maltype = "apt"

    strings:
        $s1 = "c:\\cmd32dll.exe" fullword ascii
@@ -86,7 +84,6 @@ rule PoseidonGroup_MalDoc_2
        hash4 = "ec309300c950936a1b9f900aa30630b33723c42240ca4db978f2ca5e0f97afed"
        hash5 = "27449198542fed64c23f583617908c8648fa4b4633bacd224f97e7f5d8b18778"
        hash6 = "1e62629dae05bf7ee3fe1346faa60e6791c61f92dd921daa5ce2bdce2e9d4216"
-        maltype = "apt"

    strings:
        $s0 = "{\\*\\generator Msftedit 5.41." ascii