Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
R
rules
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
fact-depend
rules
Commits
69483a46
Commit
69483a46
authored
Jun 25, 2017
by
wolfvan
Committed by
GitHub
Jun 25, 2017
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Create RANSOM_Erebus.yar
parent
82b90f7a
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
16 additions
and
0 deletions
+16
-0
RANSOM_Erebus.yar
malware/RANSOM_Erebus.yar
+16
-0
No files found.
malware/RANSOM_Erebus.yar
0 → 100644
View file @
69483a46
rule Erebus: ransom
{
meta:
description = "Erebus Ransomware"
author = "Joan Soriano / @joanbtl"
date = "2017-06-23"
version = "1.0"
MD5 = "27d857e12b9be5d43f935b8cc86eaabf"
SHA256 = "0b7996bca486575be15e68dba7cbd802b1e5f90436ba23f802da66292c8a055f"
ref1 = "http://blog.trendmicro.com/trendlabs-security-intelligence/erebus-resurfaces-as-linux-ransomware/"
strings:
$a = "/{5f58d6f0-bb9c-46e2-a4da-8ebc746f24a5}//log.log"
$b = "EREBUS IS BEST."
condition:
all of them
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
