daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/file/malware/hash/disgomoji-malware-hash.yaml

19 lines
698 B
YAML
Raw Blame History

id: disgomoji-malware-hash
info:
name: DISGOMOJI Malware Hash - Detect
author: pussycat0x
severity: info
description: Detects DISGOMOJI modules based on strings in the ELF.
reference:
- https://github.com/volexity/threat-intel/blob/main/2024/2024-06-13%20DISGOMOJI/indicators/rules.yar
tags: malware,disgomoji
file:
- extensions:
- all
matchers:
- type: dsl
dsl:
- "sha256(raw) == '2abaae4f6794131108adf5b42e09ee5ce24769431a0e154feabe6052cfe70bf3'"
# digest: 4b0a00483046022100f4dd415de9758c33403ccdc3b73573fa19b2af5574765856c455437f5fe08b900221009cadd9822eb7d450cbea102040895e61f38ecdb8088f8bcc60f7e70c866dc0f5:922c64590222798bb761d5b6d8e72950
Reference in New Issue View Git Blame Copy Permalink