15 lines
249 B
Text
15 lines
249 B
Text
|
rule ft_tar
|
||
|
{
|
||
|
meta:
|
||
|
author = "Jason Batchelor"
|
||
|
company = "Emerson"
|
||
|
lastmod = "20151116"
|
||
|
desc = "Signature to detect on TAR archive files"
|
||
|
|
||
|
strings:
|
||
|
$magic = { 75 73 74 61 72 }
|
||
|
|
||
|
condition:
|
||
|
$magic at 257
|
||
|
}
|