greysec/litterbox
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f9b235711024b30a4217a3dc866c89eba07ea286
litterbox/Scanners/Yara/rules/elastic-yara/Linux_Exploit_Abrox.yar
T
BlackSnufkin f9b2357110 Refresh scanner binaries + restructure YARA rules
2026-05-04 08:56:43 -07:00

21 lines
701 B
Plaintext
Raw Blame History

rule Linux_Exploit_Abrox_5641ba81 {
meta:
author = "Elastic Security"
id = "5641ba81-2c37-4dd1-82d8-532182e8ed15"
fingerprint = "d2abedb6182f86982ebe283215331ce238fda3964535047768f2ea55719b052f"
creation_date = "2021-04-06"
last_modified = "2021-09-16"
threat_name = "Linux.Exploit.Abrox"
reference_sample = "8de96c8e61536cae870f4a24127d28b86bd8122428bf13965c596f92182625aa"
severity = 100
arch_context = "x86"
scan_context = "file, memory"
license = "Elastic License v2"
os = "linux"
strings:
$a = { 04 58 CD 80 6A 17 58 31 DB CD 80 31 D2 52 68 2E }
condition:
all of them
}
Reference in New Issue View Git Blame Copy Permalink