Sneed-Group/Sneed-Reactivity
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Sneed-Reactivity/yara-mikesxrs/h3x2b/networking.yara
Sam Sneed 08e8d462fe OMG ISTG PLS WORK 
RED PILL 🔴 💊
2024-07-25 12:43:35 -05:00

20 lines
318 B
Text
Raw Permalink Blame History

import "pe"
//Detect capabilities of opening network sockets
rule winsocks : feature networking windows
{
meta:
description = "Imports Winsock Library"
condition:
// MZ at the beginning of file
uint16(0) == 0x5a4d and
pe.imports("wsock32.dll","WSAStartup") and
pe.imports("wsock32.dll","socket")
}
Reference in a new issue View git blame Copy permalink