Skip to content

R
rules
Commit 7991ef5f by mmorenog
Options

Update Android_Malware_Ramsonware.yar

parent 956e361d
Showing with 6 additions and 6 deletions
Mobile_Malware/Android_Malware_Ramsonware.yar
...@@ -5,7 +5,7 @@ ...@@ -5,7 +5,7 @@
import "cuckoo" import "cuckoo"
rule ransomware : svpeng rule ransomware : svpeng android
{ {
meta: meta:
author = "Fernando Denis https://twitter.com/fdrg21" author = "Fernando Denis https://twitter.com/fdrg21"
...@@ -22,7 +22,7 @@ rule ransomware : svpeng ...@@ -22,7 +22,7 @@ rule ransomware : svpeng
} }
rule Ransomware : banker rule Ransomware : banker android
{ {
meta: meta:
author = "Fernando Denis https://twitter.com/fdrg21" author = "Fernando Denis https://twitter.com/fdrg21"
...@@ -43,7 +43,7 @@ rule Ransomware : banker ...@@ -43,7 +43,7 @@ rule Ransomware : banker
any of ($strings_*) any of ($strings_*)
} }
rule koler_domains rule koler_domains : android
{ {
meta: meta:
author = "https://twitter.com/jsmesa" author = "https://twitter.com/jsmesa"
...@@ -61,7 +61,7 @@ rule koler_domains ...@@ -61,7 +61,7 @@ rule koler_domains
cuckoo.network.dns_lookup(/policemobile.biz/) cuckoo.network.dns_lookup(/policemobile.biz/)
} }
rule koler_builds rule koler_builds : android
{ {
meta: meta:
author = "https://twitter.com/jsmesa" author = "https://twitter.com/jsmesa"
...@@ -78,7 +78,7 @@ rule koler_builds ...@@ -78,7 +78,7 @@ rule koler_builds
} }
rule koler_class rule koler_class : android
{ {
meta: meta:
author = "https://twitter.com/jsmesa" author = "https://twitter.com/jsmesa"
...@@ -94,7 +94,7 @@ rule koler_class ...@@ -94,7 +94,7 @@ rule koler_class
} }
rule koler_D rule koler_D : android
{ {
meta: meta:
author = "https://twitter.com/jsmesa" author = "https://twitter.com/jsmesa"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment