Common Information
| Type | Value |
|---|---|
| Value |
rule backdoor_net {
meta:
description = "Backdoor targets Mongolia"
author = " @sebdraven "
date = "20200323"
tlp = "white"
strings:
$s1 = "RunHide"
$s2 = "Token"
$s3 = "BasicKey"
$s4 = "SessionKey"
$s5 = "AdminKeyMD5"
$s6 = "Aes256"
$s7 = "Order_Catcher"
$s8 = "Get_ComputerInfo"
$s9 = "TransData"
condition:
all of them
}
|
| Category | |
| Type | Yara Rule |
| Misp Type | |
| Description |