Upload files to "yara"

2025-01-12 22:40:13 -05:00
parent bffa34b43f
commit 9a615e1afd
14 changed files with 641 additions and 0 deletions
--- a/yara/Plead-yara-20250112.yar
+++ b/yara/Plead-yara-20250112.yar
@ -0,0 +1,22 @@
+Plead_IOCs {
+  meta:
+    creator = "Cpl Iverson"
+    date = "2025-01-12"
+    description = "Suspicious IPs, Hashes, and Domains"
+    apt_group = "BlackTech"
+  strings:
+    $sha1_13D064741B801E421E3B53BC5DABFA7031C98DD9 = "13D064741B801E421E3B53BC5DABFA7031C98DD9"
+    $sha1_62A693F5E4F92CCB5A2821239EFBE5BD792A46CD = "62A693F5E4F92CCB5A2821239EFBE5BD792A46CD"
+    $sha1_11A5D1A965A3E1391E840B11705FFC02759618F8 = "11A5D1A965A3E1391E840B11705FFC02759618F8"
+    $sha1_B01D8501F1EEAF423AA1C14FCC816FAB81AC8ED8 = "B01D8501F1EEAF423AA1C14FCC816FAB81AC8ED8"
+    $sha1_1DB4650A89BC7C810953160C6E41A36547E8CF0B = "1DB4650A89BC7C810953160C6E41A36547E8CF0B"
+    $sha1_9C4F8358462FAFD83DF51459DBE4CD8E5E7F2039 = "9C4F8358462FAFD83DF51459DBE4CD8E5E7F2039"
+    $sha1_80AE7B26AC04C93AD693A2D816E8742B906CC0E3 = "80AE7B26AC04C93AD693A2D816E8742B906CC0E3"
+    $sha1_239786038B9619F9C22401B110CF0AF433E0CEAD = "239786038B9619F9C22401B110CF0AF433E0CEAD"
+    $sha1_CA160884AE90CFE6BEC5722FAC5B908BF77D9EEF = "CA160884AE90CFE6BEC5722FAC5B908BF77D9EEF"
+    $domain_okinawas_ssl443_org = "okinawas.ssl443.org"
+    $domain_office_panasocin_com = "office.panasocin.com"
+    $domain_amazon_panasocin_com = "amazon.panasocin.com"
+  condition:
+    any of them
+}