Yara Rule - Detects BiBi-Linux Wiper

Yara definition.

Author: Felipe Duarte, Security Joes

https://www.securityjoes.com/post/bibi-linux-a-new-wiper-dropped-by-pro-hamas-hacktivist-group

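```yara
// The rule name and the condition are not shown on this page; both are assumed here.
rule BiBi_Linux_Wiper {
    meta:
        hash = "23bae09b5699c2d5c4cb1b8aa908a3af898b00f88f06e021edcb16d7d558efad"
    strings:
        $str1 = "[+] Stats: "
        $str2 = { 2e 00 00 00 42 00 00 00 69 00 00 00 42 00 00 00 69 00 }  // ".BiBi", one character per 4 bytes
        $str3 = "[!] Waiting For Queue "
        $str4 = "[+] Round "
        $str5 = "[+] Path: "
        $str6 = "[+] CPU cores: "
        $str7 = "Threads: "
    condition:
        all of them
}
```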


[https://github.com/Neo23x0/signature-base/commit/be697cf2de62166abc4abb8f4ccf7ba5908556b8](https://github.com/Neo23x0/signature-base/commit/be697cf2de62166abc4abb8f4ccf7ba5908556b8)