Update Miscelanea_Linux.yar

malware/Miscelanea_Linux.yar

@@ -184,26 +184,4 @@ rule ldpreload
 		($a or $b) and 5 of them
 }
 
-rule keylogger
-{
-        meta:
-                author="xorseed"
-                reference="https://stuff.rop.io/"
-	strings:
-		$a = "XListInputDevices" ascii wide
-		$b = "XOpenDevice" ascii wide
-		$c = "XOpenIM" ascii wide
-		$d = "XGetIMValues" ascii wide
-		$e = "XmbLookupString" ascii wide
-		$f = "XFree" ascii wide
-		$g = "XCreateIC" ascii wide
-		$h = "XOpenDisplay" ascii wide
-		$i = "XNextEvent" ascii wide
-		$j = "XInternAtom" ascii wide
-		$k = "XSelectExtensionEvent" ascii wide
-		$l = "XFreeDeviceList" ascii wide
-		$m = "XGetWindowProperty" ascii wide
-		$n = "XkbKeycodeToKeysym" ascii wide
-	condition:
-		all of them
-}
+