Common Information
| Type | Value |
|---|---|
| Value |
rule InetDownLoader {
meta:
description = "CMTDownLoader"
author = "LAC Co., Ltd."
strings:
$str1 = "ReleaseInetDownLoader.pdb"
$str2 = "hello.exe"
condition:
uint16(0) == 0x5A4D and ($str1 and $str2)
}
|
| Category | |
| Type | Yara Rule |
| Misp Type | |
| Description |