Sneed-Group/Sneed-Reactivity
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Sneed-Reactivity/yara-mikesxrs/dragos/shutdown_scheduling.yar
Sam Sneed 08e8d462fe OMG ISTG PLS WORK 
RED PILL 🔴 💊
2024-07-25 12:43:35 -05:00

12 lines
403 B
Text
Raw Permalink Blame History

rule shutdown_scheduling{
meta:
description = "Shutdown scheduling"
author = "Dragos Inc"
reference = "https://troopers.de/downloads/troopers18/TR18_DM_Mind-The-Gap.pdf"
strings:
$s1 = { 68 44 43 01 10 8d 85 d8 f9 ff ff 50 ff 15 1c d2 00 10 85 c0 74 }
$s2 = { f6 05 44 f1 01 10 04 b8 6c 43 01 10 75 05 }
$s3 = { 56 57 8d 8d ?? ?? ?? ff 51 50 8d 85 ?? ?? ?? ff 68 a8 42 01 10 }
condition:
all of ($s*)
}
Reference in a new issue View git blame Copy permalink