Skip to content

Commit

Permalink
Create MALW_XHide.yar
Browse files Browse the repository at this point in the history
  • Loading branch information
@wolfvan
wolfvan committed Nov 30, 2017
1 parent 6caded7 commit 5f193ee
Showing 1 changed file with 15 additions and 0 deletions.
15 changes: 15 additions & 0 deletions malware/MALW_XHide.yar
View file
@@ -0,0 +1,15 @@
rule XHide: MALW
{
meta:
description = "XHide - Process Faker"
author = "Joan Soriano / @w0lfvan"
date = "2017-12-01"
version = "1.0"
MD5 = "c644c04bce21dacdeb1e6c14c081e359"
SHA256 = "59f5b21ef8a570c02453b5edb0e750a42a1382f6"
strings:
$a = "XHide - Process Faker"
$b = "Fakename: %s PidNum: %d"
condition:
all of them
}

0 comments on commit 5f193ee

Please sign in to comment.