id: minidionis-vbs-malware-hash
info:
  name: MiniDionis VBS Dropped File Hash - Detect
  author: pussycat0x
  severity: info
  description: Detect Dropped File - 1.vbs
  reference:
    - https://malwr.com/analysis/ZDc4ZmIyZDI4MTVjNGY5NWI0YzE3YjIzNGFjZTcyYTY/
    - https://github.com/Yara-Rules/rules/blob/master/malware/APT_Minidionis.yar
  tags: malware,minidionis

file:
  - extensions:
      - all

    matchers:
      - type: dsl
        dsl:
          - "sha256(raw) == '97dd1ee3aca815eb655a5de9e9e8945e7ba57f458019be6e1b9acb5731fa6646'"
# digest: 4b0a00483046022100da5188e98d74fb2871b54281c14edb11d3cd3a8a80be3458fe046c8a778eb4c5022100ee694e6a02206cbebc6d1e51e273197da0e84da2d689bf05bf7cb793ee0a79fd:922c64590222798bb761d5b6d8e72950