Sneed-Reactivity/yara-mikesxrs/patrickrolsen/Backdoor_APT_Mongall.yar

18 lines
451 B
Text
Raw Permalink Normal View History

rule Backdoor_APT_Mongall
{
meta:
author = "@patrickrolsen"
maltype = "Backdoor.APT.Mongall"
version = "0.1"
reference = "fd69a799e21ccb308531ce6056944842"
description = "https://github.com/1aN0rmus/Yara"
date = "01/04/2014"
strings:
$author = "author user"
$title = "title Vjkygdjdtyuj" nocase
$comp = "company ooo"
$cretime = "creatim\\yr2012\\mo4\\dy19\\hr15\\min10"
$passwd = "password 00000000"
condition:
all of them
}