Skip to content

Commit

Permalink
Update BazarBackdoor.yar
Browse files Browse the repository at this point in the history
  • Loading branch information
@bartblaze
bartblaze authored Aug 14, 2024
1 parent 4ed566a commit 241d297
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions rules/crimeware/BazarBackdoor.yar
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,9 +20,9 @@ rule BazarBackdoor


strings:
$ = { c7 44 ?? ?? 6d 73 67 3d c7 44 ?? ?? 6e 6f 20 66 c7 44 ?? ?? 69 6c 65 00 }
$ = { c7 44 ?? ?? 43 4e 20 3d 4? 8b f1 4? 89 b? ?? ?? ?? ?? 33 d2 4? 89 b? ?? ?? ?? ?? 4? 8d ?? ?4 60 4? 89 b? ?? ?? ?? ?? 4? 8d 7f 10 c7 44 ?? ?? 20 6c 6f 63 4? 8b c7 c7 44 ?? ?? 61 6c 68 6f 4? 8b df 66 c7 44 ?? ?? 73 74 }
$ = {c7 44 ?? ?? 6d 73 67 3d c7 44 ?? ?? 6e 6f 20 66 c7 44 ?? ?? 69 6c 65 00}
$ = {c7 44 ?? ?? 43 4e 20 3d 4? 8b f1 4? 89 b? ?? ?? ?? ?? 33 d2 4? 89 b? ?? ?? ?? ?? 4? 8d ?? ?4 60 4? 89 b? ?? ?? ?? ?? 4? 8d 7f 10 c7 44 ?? ?? 20 6c 6f 63 4? 8b c7 c7 44 ?? ?? 61 6c 68 6f 4? 8b df 66 c7 44 ?? ?? 73 74}
condition:
any of them
}
}

0 comments on commit 241d297

Please sign in to comment.