Common Information
Type | Value |
---|---|
Value |
rule Linux_Kinsing_Malware { meta: description = "Detects Kinsing Malware" author = " [email protected] " date = "2021-12-11" license = "Apache License 2.0" hash1 = "6e25ad03103a1a972b78c642bac09060fa79c460011dc5748cbb433cc459938b" strings: $a1 = "main.goKrongo" $a2 = "main.taskWithScanWorker" $a3 = "main.runTaskWithHttp" $a5 = "main.getMinerPid" $a6 = "main.sendResult" $a7 = "main.minerRunningCheck" condition: uint16(0) == 0x457f and 4 of them } |
Category | |
Type | Yara Rule |
Misp Type | |
Description |