greysec/litterbox
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f9b235711024b30a4217a3dc866c89eba07ea286
litterbox/Scanners/Yara/rules/elastic-yara/Linux_Hacktool_Exploitscan.yar
T
BlackSnufkin f9b2357110 Refresh scanner binaries + restructure YARA rules
2026-05-04 08:56:43 -07:00

21 lines
745 B
Plaintext
Raw Blame History

rule Linux_Hacktool_Exploitscan_4327f817 {
meta:
author = "Elastic Security"
id = "4327f817-cb11-480f-aba7-4d5170c77758"
fingerprint = "3f70c8ef8f20f763dcada4353c254fe1df238829ce590fb87c279d8a892cf9c4"
creation_date = "2021-01-12"
last_modified = "2021-09-16"
threat_name = "Linux.Hacktool.Exploitscan"
reference_sample = "66c6d0e58916d863a1a973b4f5cb7d691fbd01d26b408dbc8c74f0f1e4088dfb"
severity = 100
arch_context = "x86"
scan_context = "file, memory"
license = "Elastic License v2"
os = "linux"
strings:
$a = { 24 08 8B 4C 24 0C 85 C0 74 20 8B 58 20 84 03 83 C3 10 8B 68 24 89 9C 24 DC 00 }
condition:
all of them
}
Reference in New Issue View Git Blame Copy Permalink