15 lines
No EOL
292 B
Text
15 lines
No EOL
292 B
Text
rule swrort : rat
|
|
{
|
|
meta:
|
|
description = "Trojan:Win32/Swrort / Downloader"
|
|
author = "Jean-Philippe Teissier / @Jipe_"
|
|
date = "2013-06-22"
|
|
filetype = "memory"
|
|
version = "1.0"
|
|
|
|
strings:
|
|
$path = "c:\\code\\httppump\\inner\\objchk_wxp_x86\\i386\\i.pdb"
|
|
|
|
condition:
|
|
all of them
|
|
} |