Update APT_RAT_ShimRat.yar

527f46f1 · mmorenog · GitHub · f8c95975 · 527f46f1
Commit 527f46f1 authored Jul 20, 2016 by mmorenog Committed by GitHub Jul 20, 2016
Show whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

APT_RAT_ShimRat.yar malware/APT_RAT_ShimRat.yar +2 -2

No files found.
--- a/malware/APT_RAT_ShimRat.yar
+++ b/malware/APT_RAT_ShimRat.yar
-rule shimrat
+rule shimrat: RAT
 {
 meta:
  description = "Detects ShimRat and the ShimRat loader"
@@ -26,7 +26,7 @@ rule shimrat
  ($dll and $dat and $headersig and $datasig) or ($datamarker1 and $datamarker2) or ($cmdlineformat and $demoproject_keyword1 and $demoproject_keyword2 and $comspec) or ($dll and $dat and $shim_func1 and $shim_func2 and $shim_func3)
 }

-rule shimratreporter
+rule shimratreporter: RAT
 {
 meta:
  description = "Detects ShimRatReporter"