Update APT_DeputyDog.yar

Fixed style rule

Update APT_DeputyDog.yar
Fixed style rule
cce235cc · Marc Rivero López · GitHub · 093d7832 · cce235cc
Commit cce235cc authored Jan 21, 2017 by Marc Rivero López Committed by GitHub Jan 21, 2017
Hide whitespace changes
Inline Side-by-side

Showing with 13 additions and 9 deletions

APT_DeputyDog.yar malware/APT_DeputyDog.yar +13 -9

No files found.
--- a/malware/APT_DeputyDog.yar
+++ b/malware/APT_DeputyDog.yar
@@ -4,22 +4,26 @@

 import "pe"

-rule APT_DeputyDog_Fexel : APT DeputyDog
+rule APT_DeputyDog_Fexel
 {
+
 meta:
-	author = "ThreatConnect Intelligence Research Team"
+    author = "ThreatConnect Intelligence Research Team"
+
 strings:
-	$180 = "180.150.228.102" wide ascii
-	$0808cmd = {25 30 38 78 30 38 78 00 5C 00 63 00 6D 00 64 00 2E 00 65 00 78 00 65 [2-6] 43 00 61 00 6E 00 27 00 74 00 20 00 6F 00 70 00 65 00 6E 00 20 00 73 00 68 00 65 00 6C 00 6C 00 21}
-	$cUp = "Upload failed! [Remote error code:" nocase wide ascii
-	$DGGYDSYRL = {00 44 47 47 59 44 53 59 52 4C 00}
-	$GDGSYDLYR = "GDGSYDLYR_%" wide ascii
+    $180 = "180.150.228.102" wide ascii
+    $0808cmd = {25 30 38 78 30 38 78 00 5C 00 63 00 6D 00 64 00 2E 00 65 00 78 00 65 [2-6] 43 00 61 00 6E 00 27 00 74 00 20 00 6F 00 70 00 65 00 6E 00 20 00 73 00 68 00 65 00 6C 00 6C 00 21}
+    $cUp = "Upload failed! [Remote error code:" nocase wide ascii
+    $DGGYDSYRL = {00 44 47 47 59 44 53 59 52 4C 00}
+    $GDGSYDLYR = "GDGSYDLYR_%" wide ascii
+
 condition:
-	any of them
+    any of them
 }

-rule APT_DeputyDog : APT DeputyDog
+rule APT_DeputyDog
 {
+
    meta:
        Author      = "FireEye Labs"
        Date        = "2013/09/21"