Yara Rule - C2와 통신하는 트로이 목마 (파이썬으로 작성)를 탐지 관련 IOC 6개 발견
Yara 정의.
Neo23x0
Yara Rule - Detects a trojan (written in Python) that communicates with c2 - was seen being used by LockBit 3.0 affiliates exploiting CVE-2023-4966
Yara definition.
https://github.com/Neo23x0/signature-base/commit/fe824077e94a685dbfca83edb036f7197770bdc3