Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/remusdbd/detecting-voldemort-malware

YARA signature | YARA rule for Detecting Voldemort Malware
https://github.com/remusdbd/detecting-voldemort-malware

cuckoo edr malware security-onion soar splunk threat-hunting voldemort voldemort-malware yara yara-rule

Last synced: 15 days ago
JSON representation

YARA signature | YARA rule for Detecting Voldemort Malware

Host: GitHub
URL: https://github.com/remusdbd/detecting-voldemort-malware
Owner: RemusDBD
License: gpl-3.0
Created: 2024-09-07T03:03:45.000Z (4 months ago)
Default Branch: main
Last Pushed: 2024-09-09T02:11:01.000Z (3 months ago)
Last Synced: 2024-09-09T05:01:29.527Z (3 months ago)
Topics: cuckoo, edr, malware, security-onion, soar, splunk, threat-hunting, voldemort, voldemort-malware, yara, yara-rule
Language: YARA
Homepage:
Size: 12.5 MB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# Detecting-Voldemort-Malware

[YARA rule](https://github.com/RemusDBD/Detecting-Voldemort-Malware/blob/main/Detecting-Voldemort-Malware.yar) for detecting [Voldemort Malware](https://www.proofpoint.com/us/blog/threat-insight/malware-must-not-be-named-suspected-espionage-campaign-delivers-voldemort)

✓ Environemnt tested on [Cuckoo 2.0.7](https://github.com/cuckoosandbox/cuckoo) , [Security onion 2.4.90](https://github.com/Security-Onion-Solutions/securityonion)

Should compatible on Splunk or any EDR/SOAR with any yara connector.

## MISC

> The yara rule is expected to show false positive result. Please use the "Issues" section to report false any positive.

> Pull requests for contributing IOCs is highly appreciated.