Sneed-Reactivity/yara-mikesxrs/malc0de/webc2_y21k_apt1.yar at main - Sneed-Group/Sneed-Reactivity - sneedGit: git for sneed group

Sneed-Group/Sneed-Reactivity

Sam Sneed 08e8d462fe OMG ISTG PLS WORK

RED PILL 🔴 💊

2024-07-25 12:43:35 -05:00

9 lines

No EOL

173 B

Text

Raw Permalink Blame History

 rule webc2_y21k : apt
 {
     strings:
         $a = "c2xlZXA="
         $b = "+Windows+NT+5.1"
 		$c = "cXVpdA=="
     condition:
         filesize < 100KB and (3 of ($a,$b,$c))
 }