id: ironpanda-malware-hash
info:
  name: Iron Panda Malware Hash - Detect
  author: pussycat0x
  severity: info
  description: Iron Panda Malware
  reference:
    - https://goo.gl/E4qia9
  tags: malware,IronPanda

file:
  - extensions:
      - all

    matchers:
      - type: dsl
        dsl:
          - "sha256(raw) == 'a0cee5822ddf254c254a5a0b7372c9d2b46b088a254a1208cb32f5fe7eca848a'"
          - "sha256(raw) == 'a89c21dd608c51c4bf0323d640f816e464578510389f9edcf04cd34090decc91'"
          - "sha256(raw) == '5cd2af844e718570ae7ba9773a9075738c0b3b75c65909437c43201ce596a742'"
          - "sha256(raw) == '0d6da946026154416f49df2283252d01ecfb0c41c27ef3bc79029483adc2240c'"
        condition: or
# digest: 490a0046304402200301d42c3766d7c293b5be428964594c852c2260bf2ff065cde79c007f542c6e022039dbb512053399446bd53d7648cef7c93c2d49e412421e21eaec413e308386a7:922c64590222798bb761d5b6d8e72950