Sneed-Reactivity/yara-mikesxrs/phish me/PM_Dyre_Voice_Message.yar

rule PM_Dyre_Voice_Message
{
meta:
	author="R.Tokazowski"
	company="PhishMe, Inc."
	URL="http://phishme.com/two-attacks-two-dyres-infrastructure/"


strings:
	$s1 = "voice message" nocase
	$s2 = "voice redirected message" nocase
	$s3 = "sent: " nocase

condition:
	2 of them
}
OMG ISTG PLS WORK RED PILL :red_circle: :pill: 2024-07-25 12:43:35 -05:00			`rule PM_Dyre_Voice_Message`
			`{`
			`meta:`
			`author="R.Tokazowski"`
			`company="PhishMe, Inc."`
			`URL="http://phishme.com/two-attacks-two-dyres-infrastructure/"`


			`strings:`
			`$s1 = "voice message" nocase`
			`$s2 = "voice redirected message" nocase`
			`$s3 = "sent: " nocase`

			`condition:`
			`2 of them`
			`}`