Merge pull request #9637 from theMiddleBlue/fix-network/c2/xtremerat-trojan.yaml

fix: network/c2/xtremerat-trojan.yaml replace matcher type
2024-04-27 15:18:18 +05:30 · 2024-04-27 15:18:18 +05:30 · a299543183
parent 4502716343 fd5b7fb6aa
commit a299543183
1 changed files with 3 additions and 4 deletions
--- a/network/c2/xtremerat-trojan.yaml
+++ b/network/c2/xtremerat-trojan.yaml
@ -25,8 +25,7 @@ tcp:
    read-size: 1024

    matchers:
-      - type: word
-        encoding: hex
-        words:
-          - "58"
+      - type: regex
+        regex:
+          - "^X$"
 # digest: 4a0a0047304502206fa95ec595a2933ca08a0326dbce0d411afd01de4b65c0c060b9d1317264e96e022100a648393498fd3a99b1aec95f74372fc476d2e484933f438b68468bc6efa642d4:922c64590222798bb761d5b6d8e72950