Example of pattern extraction and writing the rule:

alpha version!

Why need `--generic`?:

Example of pattern extraction and writing the rule:

Start:

➜  Ese git:(master) ✗ python3 ese.py -f malware/sample1_wso.php

See output:

Write example rule:

rule f49dd66a179e44e9a0a5a173676a4525: phpshell
{
    meta:
        author = "delyee"
        date = "08.10.2019"
        sha256sum = "1c62a00fe13fbff09ebc16cf408f5d9f53a285fc1014438c2a488e3f6d2b65bc"
    strings:
        $ = "<?php eval(gzinflate(base64_decode('HZzHkuNQdgV"
        $ = "Z///s//AQ=='))); ?>"
    condition:
        all of them
}

Result:

Results for other samples:

Name		Name	Last commit message	Last commit date
Latest commit History 22 Commits
screenshots		screenshots
.gitattributes		.gitattributes
.gitignore		.gitignore
ese.py		ese.py
markers.list		markers.list
readme.md		readme.md
requirements.txt		requirements.txt

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

alpha version!

Why need `--generic`?:

Example of pattern extraction and writing the rule:

About

Releases

Packages

Languages

delyee/Ese

Folders and files

Latest commit

History

Repository files navigation

alpha version!

Why need --generic?:

Example of pattern extraction and writing the rule:

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Why need `--generic`?:

Packages