id: trumpbot-malware

info:
  name: TrumpBot Malware - Detect
  author: daffainfo
  severity: info
  reference: https://github.com/Yara-Rules/rules/blob/master/malware/MALW_Trumpbot.yar
  tags: malware,file
file:
  - extensions:
      - all
    matchers:
      - type: word
        part: raw
        words:
          - "trumpisdaddy"
          - "198.50.154.188"
        condition: and

# digest: 490a00463044022077686f6a132d9f6022811b59ada2f6e32dc4c3847f849c6c62578d03d11b0fa002202ed35d1b92c92e2fc792b216642c08c92cc9e1a52032828ce2df303909b75f03:922c64590222798bb761d5b6d8e72950