malware_analysis
malware_analysis copied to clipboard

Published 20 hours ago •

telekom-security

→

Metadata

This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.

Reame
Issues

Results 3 malware_analysis issues

Sort by recently updated

refactor: a few changes to improve coverage

Changes that allow it to match on - small PE files with a few of the strings - memory (by removing `filesize` restriction) - reduce the number of strings by...

Neo23x0

`Binary.bz.WrappedSetupProgram` is a cab file

3

`Binary.bz.WrappedSetupProgram` is a cab file not a plaintext test sample : 0e01bad874c61d09d09ce06f76f5e46f6648a1fc943644874c8e1a53a93af9a7

vest12385

Java class files and plugx false positives

Would it make sense to add a little check in https://github.com/telekom-security/malware_analysis/blob/main/plugx/plugx_mustang_panda.yar to not scan java class files? This rule is very often giving false positives on java class files. They...

lars-solberg

About

This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.

reverse-engineering

malware-analysis

malware-research

malware

cti

105

Stars

14

Forks

Watchers

Owner

telekom-security

← Metadata

105

Stars

14

Forks

Watchers

Owner

telekom-security

Metadata

This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.

Back

malware_analysis malware_analysis copied to clipboard

Metadata

refactor: a few changes to improve coverage

`Binary.bz.WrappedSetupProgram` is a cab file

Java class files and plugx false positives

← Metadata

Owner

Metadata

malware_analysis
malware_analysis copied to clipboard