ioc[.]one - OSINT Cyber Threat Intelligence Database

Show in Graph

Common Information

Type	Value
Value	rule apt_RU_MoonlightMaze_encrypted_keylog { meta: author = "Kaspersky Lab" date = "2017-03-27" version = "1.0" last_modified = "2017-03-27" reference = "https://en.wikipedia.org/wiki/Moonlight_Maze" description = "Rule to detect Moonlight Maze encrypted keylogger logs" strings: $a1 = { 47 01 22 2A 6D 3E 39 2C } condition: ($a1 at 0) }
Category
Type	Yara Rule
Misp Type
Description

Details		Published	Attributes	CTI		Title
Details	Pdf	2017-04-03	92			PENQUIN’S MOONLIT MAZE