Yara Rule - 러시아 지능 뱀 맬웨어 사냥
Yara 정의.
Yara Rule - Hunting Russian Intelligence Snake Malware
Yara definition.
Author: Matt Suiche (Magnet Forensics)
https://media.defense.gov/2023/May/09/2003218554/-1/-1/0/JOINT_CSA_HUNTING_RU_INTEL_SNAKE_MALWARE_20230509.PDF
date = "2023-05-10"
threat_name = "Windows.Malware.Snake"
score = 75
scan_context = "memory"
license = "MIT"
$a = { 25 73 23 31 }
$b = { 25 73 23 32 }
$c = { 25 73 23 33 }
$d = { 25 73 23 34 }
$e = { 2e 74 6d 70 }
$f = { 2e 74 6d 70 }
$g = { 2e 73 61 76 }
$h = { 2e 75 70 64 }```
[https://github.com/Neo23x0/signature-base/commit/67a998846f061fcebfa798cc0a00213115573750](https://github.com/Neo23x0/signature-base/commit/67a998846f061fcebfa798cc0a00213115573750)