Sneed-Reactivity/yara-mikesxrs/Jipe_/Terminator.yar

17 lines
390 B
Text
Raw Normal View History

rule TerminatorRat : rat
{
meta:
description = "Terminator RAT"
author = "Jean-Philippe Teissier / @Jipe_"
date = "2013-10-24"
filetype = "memory"
version = "1.0"
ref1 = "http://www.fireeye.com/blog/technical/malware-research/2013/10/evasive-tactics-terminator-rat.html"
strings:
$a = "Accelorator"
$b = "<html><title>12356</title><body>"
condition:
all of them
}