nuclei-templates/file/malware/hash/greenbug-malware-hash.yaml


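# Nuclei file-protocol template: flags files whose SHA-256 equals one of the
# sample hashes listed for the Greenbug incident (see info.reference).
#
# Detection scope: this is exact-hash matching, so it only identifies
# byte-identical copies of the known samples. A recompiled, repacked or
# otherwise modified sample will not match; treat a clean result as
# "no known sample present", not as "no Greenbug activity".
id: greenbug-malware-hash

info:
  name: Greenbug Malware Hash - Detect
  author: pussycat0x
  severity: info
  description: |
    Detects Malware from Greenbug Incident
  reference:
    # NOTE(review): shortened link hides its destination and may stop
    # resolving; prefer the expanded URL of the original report if known.
    - https://goo.gl/urp4CD
    - https://github.com/Yara-Rules/rules/blob/master/malware/APT_Greenbug.yar
  tags: malware,Greenbug

file:
  # "all" applies the matcher to every file extension the scanner visits.
  # NOTE(review): whether large files are hashed in full depends on the
  # scanner's file-size limit - confirm before relying on a clean result.
  - extensions:
      - all

    matchers:
      - type: dsl
        # Each expression compares the SHA-256 of the raw file content with
        # one known-bad digest; "condition: or" reports a hit on any match.
        dsl:
          - "sha256(raw) == 'dab460a0b73e79299fbff2fa301420c1d97a36da7426acc0e903c70495db2b76'"
          - "sha256(raw) == '6b28a43eda5b6f828a65574e3f08a6d00e0acf84cbb94aac5cec5cd448a4649d'"
          - "sha256(raw) == '21f5e60e9df6642dbbceca623ad59ad1778ea506b7932d75ea8db02230ce3685'"
          # NOTE(review): the value below is 63 hex characters; a SHA-256
          # digest is 64, so this comparison can never be true and the
          # sample it was meant to cover is not detected. Restore the full
          # digest from the referenced YARA rule or the original report.
          - "sha256(raw) == '319a001d09ee9d754e8789116bbb21a3c624c999dae9cf83fde90a3fbe67ee6'"
          - "sha256(raw) == '44bdf5266b45185b6824898664fd0c0f2039cdcb48b390f150e71345cd867c49'"
          - "sha256(raw) == '7f16824e7ad9ee1ad2debca2a22413cde08f02ee9f0d08d64eb4cb318538be9c'"
          - "sha256(raw) == '308a646f57c8be78e6a63ffea551a84b0ae877b23f28a660920c9ba82d57748f'"
          - "sha256(raw) == '82beaef407f15f3c5b2013cb25901c9fab27b086cadd35149794a25dce8abcb9'"
          # The original list repeated the last four digests a second time;
          # under "or" the repeats add no coverage, so they are dropped.
        condition: or
# NOTE(review): the digest below was computed over the template as originally
# published. Any edit to the template body (including the ones above)
# invalidates it; re-sign the template (nuclei's -sign option) before use.
# digest: 4a0a00473045022077930b63738553480367e50314899ea548fca78cf499bfa0b139e798e7af18e10221008a78bcf158ccf90ec42fc2fca2f4bab5b64c36395f1913f238cd66f65ac0307f:922c64590222798bb761d5b6d8e72950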