16 lines
284 B
YAML
16 lines
284 B
YAML
|
id: deadbolt-ransomware
|
||
|
|
|
||
|
|
info:
|
||
|
|
name: Deadbolt Ransomware Detection
|
||
|
|
author: pdteam
|
||
|
|
severity: info
|
||
|
|
|
||
|
|
requests:
|
||
|
|
- method: GET
|
||
|
|
path:
|
||
|
|
- "{{BaseURL}}"
|
||
|
|
|
||
|
|
matchers:
|
||
|
|
- type: word
|
||
|
|
words:
|
||
|
|
- "<title>ALL YOUR FILES HAVE BEEN LOCKED BY DEADBOLT.</title>"
|