Common Information
Type Value
Value
rule CrowdStrike_CVE_2014_4113 {
	meta:
		copyright = "CrowdStrike, Inc"
		description = "CVE-2014-4113 Microsoft Windows x64 Local Privilege Escalation Exploit"
		version = "1.0"
		last_modified = "2014-10-14"
		in_the_wild = true
	strings:
		$const1 = { FB FF FF FF }
		$const2 = { 0B 00 00 00 01 00 00 00 }
		$const3 = { 25 00 00 00 01 00 00 00 }
		$const4 = { 8B 00 00 00 01 00 00 00 }
	condition:
		all of them
}
Category
Type Yara Rule
Misp Type
Description
Details Published Attributes CTI Title
Details Website 2014-10-14 5 CrowdStrike Discovers Use of of 64-bit Exploit by Hurricane Panda