Tag Archives: YARA Signature to detect LURK0 Remote Access Trojan (RAT) Malware

YARA Signature to detect LURK0 Remote Access Trojan (RAT) Malware

private rule LURK0Header : Family LURK0 { meta: description = “5 char code for LURK0” author = “Katie Kleemola” last_updated = “07-21-2014” strings: $ = { C6 [5] 4C C6 [5] 55 C6 [5] 52 C6 [5] 4B C6 [5] 30 } condition: any of them } private rule CCTV0Header : Family CCTV0 { meta:… Read More »

Share Button