Common Information
| Type | Value |
|---|---|
| Value |
rule Windows_Trojan_Shadowpad_2 {
meta:
author = "Elastic Security"
creation_date = "2023-01-31"
last_modified = "2023-01-31"
description = "Target SHADOWPAD loader"
os = "Windows"
arch = "x86"
category_type = "Trojan"
family = "Shadowpad"
threat_name = "Windows.Trojan.Shadowpad"
license = "Elastic License v2"
strings:
$a1 = "{%8.8x-%4.4x-%4.4x-%8.8x%8.8x}"
condition:
all of them
}
|
| Category | |
| Type | Yara Rule |
| Misp Type | |
| Description |