Mirrors/cert-orangecyberdefense-cti
1
0
Fork 0
mirror of https://github.com/cert-orangecyberdefense/cti synced 2026-06-08 14:45:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create yara emmenhtal

Browse Source
This commit is contained in:
Mar-Pic
2025-02-18 15:58:19 +01:00
committed by GitHub
parent f8653616ec
commit 86de9de4ab
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
emmenhtal/yara emmenhtal
+10
View File
@@ -0,0 +1,10 @@
rule EmmenHTAl : malware {
strings:
$s1 = " = String.fromCharCode("
$s2 = ";var "
$s3 = "eval("
$s4 = "</script>"
$s5 = "<HTA:APPLICATION CAPTION = \"no\" WINDOWSTATE = \"minimize\" SHOWINTASKBAR = \"no\" >"
condition:
all of them
}