From 9f4837d892f7f1f9cf7c1e91bedd56a75af418d0 Mon Sep 17 00:00:00 2001
From: Update third-party rules <41898282+github-actions[bot]@users.noreply.github.com>
Date: Mon, 3 Feb 2025 00:21:59 +0000
Subject: [PATCH] Update third-party rules as of 2025-02-03
---
 third_party/yara/YARAForge/RELEASE | 2 +-
 .../yara/YARAForge/yara-rules-full.yar | 3085 +++++++++--------
 2 files changed, 1567 insertions(+), 1520 deletions(-)
diff --git a/third_party/yara/YARAForge/RELEASE b/third_party/yara/YARAForge/RELEASE
index 1e4e11a9..ad51826f 100644
--- a/third_party/yara/YARAForge/RELEASE
+++ b/third_party/yara/YARAForge/RELEASE
@@ -1 +1 @@
-20250126
+20250202
diff --git a/third_party/yara/YARAForge/yara-rules-full.yar b/third_party/yara/YARAForge/yara-rules-full.yar
index 04e24e03..fa4a6dc5 100644
--- a/third_party/yara/YARAForge/yara-rules-full.yar
+++ b/third_party/yara/YARAForge/yara-rules-full.yar
@@ -12,15 +12,15 @@
 * Force Exclude Importance Level: 0
 * Minimum Age (in days): 0
 * Minimum Score: 40
- * Creation Date: 2025-01-26
- * Number of Rules: 13083
+ * Creation Date: 2025-02-02
+ * Number of Rules: 13084
 * Skipped: 0 (age), 226 (quality), 7 (score), 0 (importance)
 */
 /*
 * YARA Rule Set
 * Repository Name: ReversingLabs
 * Repository: https://github.com/reversinglabs/reversinglabs-yara-rules/
- * Retrieval Date: 2025-01-26
+ * Retrieval Date: 2025-02-02
 * Git Commit: 073879b10edf4bf4c9d95198b10a4728e2397b51
 * Number of Rules: 1220
 * Skipped: 0 (age), 0 (quality), 0 (score), 0 (importance)
@@ -31325,8 +31325,8 @@ rule REVERSINGLABS_Win32_Ransomware_ONI : TC_DETECTION MALICIOUS MALWARE FILE
 description = "Yara rule that detects Oni ransomware."
 author = "ReversingLabs"
 id = "9190aee2-1119-546e-82ca-a7aba44a9d7f"
- date = "2025-01-26"
- date = "2025-01-26"
+ date = "2025-02-02"
+ date = "2025-02-02"
 modified = "2020-12-07"
 reference = "ReversingLabs"
 source_url = "https://github.com/reversinglabs/reversinglabs-yara-rules//blob/073879b10edf4bf4c9d95198b10a4728e2397b51/yara/ransomware/Win32.Ransomware.Oni.yara#L1-L82"
@@ -36514,8 +36514,8 @@ rule REVERSINGLABS_Bytecode_MSIL_Ransomware_Oct : TC_DETECTION MALICIOUS MALWARE
 description = "Yara rule that detects Oct ransomware."
 author = "ReversingLabs"
 id = "e811a0ba-52df-5e88-ab71-df91d5cb584a"
- date = "2025-10-26"
- date = "2025-10-26"
+ date = "2025-10-02"
+ date = "2025-10-02"
 modified = "2021-08-12"
 reference = "ReversingLabs"
 source_url = "https://github.com/reversinglabs/reversinglabs-yara-rules//blob/073879b10edf4bf4c9d95198b10a4728e2397b51/yara/ransomware/ByteCode.MSIL.Ransomware.Oct.yara#L1-L68"
@@ -56087,8 +56087,8 @@ rule REVERSINGLABS_Linux_Virus_Vit : TC_DETECTION MALICIOUS MALWARE FILE
 description = "Yara rule that detects Vit virus."
 author = "ReversingLabs"
 id = "4515fe43-4c5a-521d-82b7-273823f0c64e"
- date = "2025-01-26"
- date = "2025-01-26"
+ date = "2025-02-02"
+ date = "2025-02-02"
 modified = "2023-06-07"
 reference = "ReversingLabs"
 source_url = "https://github.com/reversinglabs/reversinglabs-yara-rules//blob/073879b10edf4bf4c9d95198b10a4728e2397b51/yara/virus/Linux.Virus.Vit.yara#L3-L36"
@@ -57498,7 +57498,7 @@ rule REVERSINGLABS_Win32_Exploit_CVE20200601 : TC_DETECTION MALICIOUS EXPLOIT CV
 * YARA Rule Set
 * Repository Name: Elastic
 * Repository: https://github.com/elastic/protections-artifacts/
- * Retrieval Date: 2025-01-26
+ * Retrieval Date: 2025-02-02
 * Git Commit: 195c9611ddb90db599d7ffc1a9b0e8c45688007d
 * Number of Rules: 1848
 * Skipped: 0 (age), 7 (quality), 0 (score), 0 (importance)
@@ -114662,7 +114662,7 @@ rule ELASTIC_Linux_Rootkit_Brokepkg_7B7D4581 : FILE MEMORY
 * YARA Rule Set
 * Repository Name: R3c0nst
 * Repository: https://github.com/fboldewin/YARA-rules/
- * Retrieval Date: 2025-01-26
+ * Retrieval Date: 2025-02-02
 * Git Commit: 54e9e6899b258b72074b2b4db6909257683240c2
 * Number of Rules: 26
 * Skipped: 0 (age), 0 (quality), 0 (score), 0 (importance)
@@ -115427,9 +115427,9 @@ rule R3C0NST_ATM_Malware_Ploutusi : FILE
 * YARA Rule Set
 * Repository Name: CAPE
 * Repository: https://github.com/kevoreilly/CAPEv2
- * Retrieval Date: 2025-01-26
- * Git Commit: 8ce9f63374fd91e788c42b37b4853baea69c52d7
- * Number of Rules: 165
+ * Retrieval Date: 2025-02-02
+ * Git Commit: 19280c6ec63803abade1d5fc7292d2228a67990a
+ * Number of Rules: 166
 * Skipped: 0 (age), 14 (quality), 3 (score), 0 (importance)
 *
 *
@@ -116110,8 +116110,8 @@ rule CAPE_Privateloader
 date = "2024-10-04"
 modified = "2024-10-04"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/PrivateLoader.yar#L1-L12"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/PrivateLoader.yar#L1-L12"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "204a86bb3743f19fed0fe55ff5ccd716661f7f315b5966a29e434ccb3e160526"
 score = 75
 quality = 70
@@ -116134,8 +116134,8 @@ rule CAPE_Stealcanti : FILE
 date = "2024-01-19"
 modified = "2024-01-19"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/Stealc.yar#L1-L13"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/Stealc.yar#L1-L13"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 hash = "77d6f1914af6caf909fa2a246fcec05f500f79dd56e5d0d466d55924695c702d"
 logic_hash = "4132e8094b0b49a89e9f40a8b1a6abbf105bbb04e4ddf3ce739e39fc2baf0d13"
 score = 75
@@ -116159,8 +116159,8 @@ rule CAPE_Stealcstrings : FILE
 date = "2024-01-19"
 modified = "2024-01-19"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/Stealc.yar#L15-L26"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/Stealc.yar#L15-L26"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "6d402446a979c00b6257ace9924db381d98c530b22968bd2776c66d58c7faefc"
 score = 75
 quality = 70
@@ -116183,8 +116183,8 @@ rule CAPE_Loadersyscall
 date = "2024-12-02"
 modified = "2024-12-02"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/NitrogenLoader.yar#L1-L13"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/NitrogenLoader.yar#L1-L13"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "3c7ffd8b95032cffecff7fa7e5f5f561cce13e1109f6a9b30bc743642b495e45"
 score = 75
 quality = 70
@@ -116208,8 +116208,8 @@ rule CAPE_Nitrogenloaderaes
 date = "2024-12-02"
 modified = "2024-12-02"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/NitrogenLoader.yar#L15-L27"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/NitrogenLoader.yar#L15-L27"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "de8ed0e98948cfadfd579e334fd9ce9f777ddbd988de897529ba71cb5eb2d396"
 score = 75
 quality = 70
@@ -116233,8 +116233,8 @@ rule CAPE_Nitrogenloaderbypass
 date = "2024-12-02"
 modified = "2024-12-02"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/NitrogenLoader.yar#L29-L41"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/NitrogenLoader.yar#L29-L41"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "3a034d3ddd18723ea1f91814c8c2a2c47a749dfd1496a5d4777d8ff8bfab3457"
 score = 75
 quality = 70
@@ -116258,8 +116258,8 @@ rule CAPE_Nitrogenloaderconfig
 date = "2024-12-02"
 modified = "2024-12-02"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/NitrogenLoader.yar#L43-L54"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/NitrogenLoader.yar#L43-L54"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "a1f9e95b8039b16e3926b7288c036e81cf72b2dbb91ab9e69125f18d89fa1a03"
 score = 75
 quality = 70
@@ -116282,8 +116282,8 @@ rule CAPE_Rdtscpantivm
 date = "2021-12-11"
 modified = "2021-12-11"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/RdtscpAntiVM.yar#L1-L11"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/RdtscpAntiVM.yar#L1-L11"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "be0f9b52fb630730a38160f4ad2d50b6b4bea5edd82e3ea4d1e257cf7b090910"
 score = 75
 quality = 70
@@ -116305,8 +116305,8 @@ rule CAPE_Pikahook : FILE
 date = "2024-03-12"
 modified = "2024-03-12"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/Pikabot.yar#L1-L14"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/Pikabot.yar#L1-L14"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "2a50a5f2d905122a5b7ac8ca3666b47caa24d325e246841129e53807daf2a1dd"
 score = 75
 quality = 70
@@ -116331,8 +116331,8 @@ rule CAPE_Pikexport : FILE
 date = "2024-03-12"
 modified = "2024-03-12"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/Pikabot.yar#L16-L28"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/Pikabot.yar#L16-L28"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 hash = "238dcc5611ed9066b63d2d0109c9b623f54f8d7b61d5f9de59694cfc60a4e646"
 logic_hash = "33f58703a0e40c2361343dbdcc17111aafbf5cc912393edda79005c6ec566f42"
 score = 75
@@ -116356,8 +116356,8 @@ rule CAPE_Anticuckoo : FILE
 date = "2023-03-17"
 modified = "2023-03-17"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/AntiCuckoo.yar#L1-L12"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/AntiCuckoo.yar#L1-L12"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 hash = "ad5e52f144bb4a1dae3090978c6ecb4c7732538c9b62a6cedd32eccee6094be5"
 logic_hash = "a039aeca2dae44980e8bffafacfda90975e107001be50f11ac916b35ad43592e"
 score = 75
@@ -116380,8 +116380,8 @@ rule CAPE_Singlestepantihook
 date = "2021-08-26"
 modified = "2021-08-26"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/SingleStepAntiHook.yar#L1-L11"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/SingleStepAntiHook.yar#L1-L11"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "fc9f36b0ecc13192fe8b6caaff256ac52c1f14480223d629a38ba84e90dd0809"
 score = 75
 quality = 70
@@ -116395,16 +116395,41 @@ rule CAPE_Singlestepantihook any of them } rule CAPE_Modiloader : FILE +{ + meta: + description = "ModiLoader detonation shim" + author = "kevoreilly" + id = "64f9aa51-d668-5d40-9781-c26970acf781" + date = "2025-01-31" + modified = "2025-01-31" + reference = "https://github.com/kevoreilly/CAPEv2" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/ModiLoader.yar#L1-L13" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" + hash = "1f0cbf841a6bc18d632e0bc3c591266e77c99a7717a15fc4b84d3e936605761f" + logic_hash = "9e64e0c40192cc832a1ffa7b3ac65a704596af82515d03706cd7aa1f4498f32f" + score = 75 + quality = 70 + tags = "FILE" + cape_options = "exclude-apis=NtAllocateVirtualMemory:NtProtectVirtualMemory" + + strings: + $epilog1 = {81 C2 A1 03 00 00 87 D1 29 D3 33 C0 5A 59 59 64 89 10 68} + $epilog2 = {6A 00 6A 01 8B 45 ?? 50 FF 55 ?? 33 C0 5A 59 59 64 89 10 68} + + condition: + uint16( 0 ) == 0x5a4d and all of them +} +rule CAPE_Modiloaderold : FILE { meta: description = "ModiLoader detonation shim" author = "ditekSHen" id = "2b3fd8ec-b672-574b-9b50-1a9ca9f43299" - date = "2023-10-19" - modified = "2023-10-19" + date = "2025-01-31" + modified = "2025-01-31" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/ModiLoader.yar#L1-L39" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/ModiLoader.yar#L15-L53" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "fc006377e6d41515503b0b234ff87f59d930a7d9f8b32d2e072de79b9c52ddc4" score = 75 quality = 66 
@@ -116448,8 +116473,8 @@ rule CAPE_Slowloader
 date = "2024-09-23"
 modified = "2024-09-23"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/SlowLoader.yar#L1-L12"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/SlowLoader.yar#L1-L12"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "f07528c646ebd980a5e843caa4a4715e31b22c3cd091576600e9fe45d7fc2fe4"
 score = 75
 quality = 70
@@ -116472,8 +116497,8 @@ rule CAPE_Buerloader : FILE
 date = "2021-03-13"
 modified = "2021-03-13"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/BuerLoader.yar#L1-L11"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/BuerLoader.yar#L1-L11"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "6f9f9b4c01251c0643c61701084cca2bdfeea08ca95f982355565cf05483d940"
 score = 75
 quality = 70
@@ -116495,8 +116520,8 @@ rule CAPE_Rhadamanthys
 date = "2023-04-18"
 modified = "2023-04-18"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/Rhadamanthys.yar#L1-L13"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/Rhadamanthys.yar#L1-L13"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "3c8fbfe14f81e099fc900023d9c856e3f45b99af38889ed952b2ac67a636f51d"
 score = 75
 quality = 70
@@ -116521,8 +116546,8 @@ rule CAPE_Gettickcountantivm
 date = "2022-02-25"
 modified = "2022-02-25"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/GetTickCountAntiVM.yar#L1-L20"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/GetTickCountAntiVM.yar#L1-L20"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 hash = "662bc7839ed7ddd82d5fdafa29fafd9a9ec299c28820fe4104fbba9be1a09c42"
 hash = "00f1537b13933762e1146e41f3bac668123fac7eacd0aa1f7be0aa37a91ef3ce"
 hash = "549bca48d0bac94b6a1e6eb36647cd007fed5c0e75a0e4aa315ceabdafe46541"
@@ -116553,8 +116578,8 @@ rule CAPE_Darkgateloader
 date = "2023-10-02"
 modified = "2023-10-02"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/DarkGateLoader.yar#L1-L15"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/DarkGateLoader.yar#L1-L15"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "56069f38edb7d50b0d5680a847d85b1aabc97e432a37911ac9d28aee3b12f526"
 score = 75
 quality = 68
@@ -116580,8 +116605,8 @@ rule CAPE_Doomedloader : FILE
 date = "2024-07-25"
 modified = "2024-07-25"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/DoomedLoader.yar#L1-L12"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/DoomedLoader.yar#L1-L12"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "54a5962ef49ebf987908c4ea1559788f7c96a7e4ea61d2973636e998a0239c77"
 score = 75
 quality = 70
@@ -116605,8 +116630,8 @@ rule CAPE_Icedidsyscallwritemem : FILE
 date = "2023-11-28"
 modified = "2023-11-28"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/IcedID.yar#L1-L13"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/IcedID.yar#L1-L13"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "6b068106b038e9efeb9057cadf314d400c1ada1a1cc70336d3272da3a212c993"
 score = 75
 quality = 70
@@ -116630,8 +116655,8 @@ rule CAPE_Icedidhook
 date = "2023-11-28"
 modified = "2023-11-28"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/IcedID.yar#L15-L25"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/IcedID.yar#L15-L25"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "fd62e0ed6f2a18472fa9336daee0e8a3a55e21779a8385394e85f96da928e24f"
 score = 75
 quality = 70
@@ -116653,8 +116678,8 @@ rule CAPE_Icedidpackera : FILE
 date = "2023-11-28"
 modified = "2023-11-28"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/IcedID.yar#L27-L40"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/IcedID.yar#L27-L40"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 hash = "fbad60002286599ca06d0ecb3624740efbf13ee5fda545341b3e0bf4d5348cfe"
 logic_hash = "aa0681e7794546355e6d61f739c49035a493cdfca7e666531d74e3835ec44408"
 score = 75
@@ -116679,8 +116704,8 @@ rule CAPE_Icedidpackerb : FILE
 date = "2023-11-28"
 modified = "2023-11-28"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/IcedID.yar#L42-L56"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/IcedID.yar#L42-L56"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 hash = "6517ef2c579002ec62ddeb01a3175917c75d79ceca355c415a4462922c715cb6"
 logic_hash = "fde1e2c0124d180b2fa3d0675b35e8d78fdd7b06cd27e9228c148aa29ce30ee7"
 score = 75
@@ -116705,8 +116730,8 @@ rule CAPE_Icedidpackerc : FILE
 date = "2023-11-28"
 modified = "2023-11-28"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/IcedID.yar#L58-L71"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/IcedID.yar#L58-L71"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 hash = "c06805b6efd482c1a671ec60c1469e47772c8937ec0496f74e987276fa9020a5"
 hash = "265c1857ac7c20432f36e3967511f1be0b84b1c52e4867889e367c0b5828a844"
 logic_hash = "f1e75e380ab0947fdfda012b7a5077a1c2ef51163239846ab2dc29cac95ba166"
@@ -116731,8 +116756,8 @@ rule CAPE_Icedidpackerd : FILE
 date = "2023-11-28"
 modified = "2023-11-28"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/IcedID.yar#L73-L86"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/IcedID.yar#L73-L86"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 hash = "7b226f8cc05fa7d846c52eb0ec386ab37f9bae04372372509daa6bacc9f885d8"
 logic_hash = "6685e0246f5a11ce0ca33447837de06506b447a5f8591423e2b76f2ab0274dc7"
 score = 75
@@ -116757,8 +116782,8 @@ rule CAPE_Icedsleep : FILE
 date = "2023-11-28"
 modified = "2023-11-28"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/IcedID.yar#L88-L99"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/IcedID.yar#L88-L99"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "0b1a8be95b1b8a3b066837f9e47561ee8202d741b39d64e626c0461c2fbf7c70"
 score = 75
 quality = 70
@@ -116781,8 +116806,8 @@ rule CAPE_Darkgate
 date = "2024-02-26"
 modified = "2024-02-26"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/DarkGate.yar#L1-L17"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/DarkGate.yar#L1-L17"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 hash = "c1d35921f4fc3bac681a3d5148f517dc0ec90ab8c51e267c8c6cd5b1ca3dc085"
 logic_hash = "25c0e77a83676c6a18445f8df0b1f7a9148de5f64eeb532f9a4f4d4652dd8191"
 score = 75
@@ -116810,8 +116835,8 @@ rule CAPE_Ursnifv3
 date = "2023-03-23"
 modified = "2023-03-23"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/UrsnifV3.yar#L1-L16"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/UrsnifV3.yar#L1-L16"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "d679546e37ee58087fce75920b2ce4e6d2b9ae55fb1ef80d14ec14309396757c"
 score = 75
 quality = 70
@@ -116838,8 +116863,8 @@ rule CAPE_Bumblebee : FILE
 date = "2023-02-08"
 modified = "2023-02-08"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/BumbleBee.yar#L34-L46"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/BumbleBee.yar#L34-L46"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "0a632a0b30b28d544880eb1cfdd85e95f455c343d60f8d6922d4196ef7415961"
 score = 75
 quality = 70
@@ -116863,8 +116888,8 @@ rule CAPE_Risepro : FILE
 date = "2023-12-16"
 modified = "2023-12-16"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/RisePro.yar#L1-L14"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/RisePro.yar#L1-L14"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 hash = "1b69a1dd5961241b926605f0a015fa17149c3b2759fb077a30a22d4ddcc273f6"
 logic_hash = "055ca8328923b91f93c116e4a856366356fa11155f4e9fde95da31129b51386a"
 score = 75
@@ -116889,8 +116914,8 @@ rule CAPE_Emotetpacker : FILE
 date = "2022-06-09"
 modified = "2022-06-09"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/EmotetPacker.yar#L1-L13"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/EmotetPacker.yar#L1-L13"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 hash = "5a95d1d87ce69881b58a0e3aafc1929861e2633cdd960021d7b23e2a36409e0d"
 logic_hash = "5f27d9d18884f7e0805f69960869b332c1577bf8be8ac103285e8bf98cda0ffd"
 score = 75
@@ -116914,8 +116939,8 @@ rule CAPE_Themida : FILE
 date = "2024-09-11"
 modified = "2024-09-11"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/Themida.yar#L1-L12"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/Themida.yar#L1-L12"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "c4f1e01a3fe3cb66062ce03253bfe9edc09dc6f1a77db99b281106e8ceff9257"
 score = 75
 quality = 70
@@ -116938,8 +116963,8 @@ rule CAPE_Mysterysnail
 date = "2021-10-16"
 modified = "2021-10-16"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/MysterySnail.yar#L1-L11"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/MysterySnail.yar#L1-L11"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "9402dbbbfdd286e2309ee83fc08194f70f73657a3a4e3785dfbcb564dbee86a8"
 score = 75
 quality = 70
@@ -116961,8 +116986,8 @@ rule CAPE_Dridexloader : FILE
 date = "2021-03-09"
 modified = "2021-03-09"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/DridexLoader.yar#L1-L11"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/DridexLoader.yar#L1-L11"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "00a3e4e80a2558ee52035f091e2339fa2dad6f6515b9dc099f2f3800e4c70bce"
 score = 75
 quality = 70
@@ -116984,8 +117009,8 @@ rule CAPE_Heavenssyscall : FILE
 date = "2024-03-25"
 modified = "2024-03-25"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/HeavensSyscall.yar#L1-L13"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/HeavensSyscall.yar#L1-L13"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "aeb981fcba0936ff8b1be4c601445fd45e5d3b74856a9439d351edd57f5a50c3"
 score = 75
 quality = 70
@@ -117009,8 +117034,8 @@ rule CAPE_Agentteslav4Jit
 date = "2024-02-27"
 modified = "2024-02-27"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/AgentTesla.yar#L1-L14"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/AgentTesla.yar#L1-L14"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "8f7144d2a989ce8d291af926b292f5f0f7772e707b0e49797eba13ecf91b90bc"
 score = 75
 quality = 70
@@ -117035,8 +117060,8 @@ rule CAPE_Agentteslav3Jit
 date = "2024-02-27"
 modified = "2024-02-27"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/AgentTesla.yar#L16-L26"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/AgentTesla.yar#L16-L26"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "62a49cf4295df637f96ba7c127cfc4aeb9af2fcced497fdf34d726a062edc1ec"
 score = 75
 quality = 70
@@ -117058,8 +117083,8 @@ rule CAPE_Zloader : FILE
 date = "2024-05-03"
 modified = "2024-05-03"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/Zloader.yar#L1-L12"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/Zloader.yar#L1-L12"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "319adca805083c7f5854fe840447cf961addbd748f1f25eb8ec8cdeed7af38aa"
 score = 75
 quality = 70
@@ -117082,8 +117107,8 @@ rule CAPE_Zloader_2024 : FILE
 date = "2024-05-03"
 modified = "2024-05-03"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/Zloader.yar#L14-L26"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/Zloader.yar#L14-L26"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "38d555ef5f613cf7ca043697c479100a7a22e7f043acf8b6a46f8009eb92fd7e"
 score = 75
 quality = 70
@@ -117107,8 +117132,8 @@ rule CAPE_Guloaderprecursor : FILE
 date = "2023-10-02"
 modified = "2023-10-02"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/Guloader.yar#L17-L28"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/Guloader.yar#L17-L28"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "ea05c352739366a03da302074b01537382ba26f7fd5049004f156e47d284f070"
 score = 75
 quality = 70
@@ -117131,8 +117156,8 @@ rule CAPE_Smokeloader : FILE
 date = "2023-02-06"
 modified = "2023-02-06"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/SmokeLoader.yar#L1-L11"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/SmokeLoader.yar#L1-L11"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "4b15162f4b754cdd6a9124f29f0fd979085734063a0b17f2a97a9750f29e2e0b"
 score = 75
 quality = 70
@@ -117154,8 +117179,8 @@ rule CAPE_Formhooka
 date = "2024-10-11"
 modified = "2024-10-11"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/Formbook.yar#L1-L14"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/Formbook.yar#L1-L14"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "21b8101a7039cfad0e9d49cc1f055bc23a2eb4c973dcda2a81a007e452d77a6d"
 score = 75
 quality = 70
@@ -117180,8 +117205,8 @@ rule CAPE_Formhookb
 date = "2024-10-11"
 modified = "2024-10-11"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/Formbook.yar#L16-L29"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/Formbook.yar#L16-L29"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "b8b677ca239c6c5faf44f7a46c1e3e231f5708fb13aac724fd3ac9f865b965d8"
 score = 75
 quality = 70
@@ -117206,8 +117231,8 @@ rule CAPE_Formconfa
 date = "2024-10-11"
 modified = "2024-10-11"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/Formbook.yar#L31-L43"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/Formbook.yar#L31-L43"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "b0aa4cec55a21245d8104380c531dd6cc0fdef64fbefd79616eadfb4e95b2d75"
 score = 75
 quality = 70
@@ -117231,8 +117256,8 @@ rule CAPE_Formhelper
 date = "2024-10-11"
 modified = "2024-10-11"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/Formbook.yar#L45-L57"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/Formbook.yar#L45-L57"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "77cdfc94aac089c4f2590f4afbab35351fc6e104e67813548c68c59d27019a63"
 score = 75
 quality = 70
@@ -117256,8 +117281,8 @@ rule CAPE_Formconfb
 date = "2024-10-11"
 modified = "2024-10-11"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/Formbook.yar#L59-L73"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/Formbook.yar#L59-L73"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "8a96ef5c6cebb51186acd099b795066e8e8b2c2adbed4dcc66b81228f70e5c4f"
 score = 75
 quality = 70
@@ -117283,8 +117308,8 @@ rule CAPE_Formconfc
 date = "2024-10-11"
 modified = "2024-10-11"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/Formbook.yar#L75-L87"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/Formbook.yar#L75-L87"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "f52bce00d2ec88682115a8720f0a182b7ef7fe7b9b9fc466bb8ddc1779341509"
 score = 75
 quality = 70
@@ -117308,8 +117333,8 @@ rule CAPE_Lumma : FILE
 date = "2024-05-09"
 modified = "2024-05-09"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/Lumma.yar#L1-L14"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/Lumma.yar#L1-L14"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "a8f9212b619796f91f14c4164e4d2f30c66b51118f22f3d6c310841b6707b7b0"
 score = 75
 quality = 70
@@ -117334,8 +117359,8 @@ rule CAPE_Lummaremap
 date = "2024-05-09"
 modified = "2024-05-09"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/Lumma.yar#L16-L27"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/Lumma.yar#L16-L27"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "51093379fbd041f75bdfe161bc9dfcc7d782c23ce16d625ca558bb58d8d57713"
 score = 75
 quality = 70
@@ -117358,8 +117383,8 @@ rule CAPE_Qakbot5 : FILE
 date = "2024-02-16"
 modified = "2024-02-16"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/QakBot.yar#L1-L13"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/QakBot.yar#L1-L13"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "303ea2d8d1a7f0fd0ca5508dae2c1b83c03b1e3e975760f15d36d93bcc152767"
 score = 75
 quality = 70
@@ -117383,8 +117408,8 @@ rule CAPE_Qakbot4 : FILE
 date = "2024-02-16"
 modified = "2024-02-16"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/QakBot.yar#L15-L29"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/QakBot.yar#L15-L29"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "ad75b07b9b786f634fd46cbe6dc089d3f732673320e70714e8ab058f0392c9f5"
 score = 75
 quality = 70
@@ -117410,8 +117435,8 @@ rule CAPE_Qakbotloader : FILE
 date = "2024-02-16"
 modified = "2024-02-16"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/QakBot.yar#L31-L46"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/QakBot.yar#L31-L46"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 hash = "6f99171c95a8ed5d056eeb9234dbbee123a6f95f481ad0e0a966abd2844f0e1a"
 logic_hash = "00869c0a9bf62cde3f46ca915b0ef689557b09dc58d6de34609e3998abfa7e98"
 score = 75
@@ -117438,8 +117463,8 @@ rule CAPE_Qakbotantivm
 date = "2024-02-16"
 modified = "2024-02-16"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/QakBot.yar#L48-L59"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/QakBot.yar#L48-L59"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 hash = "e269497ce458b21c8427b3f6f6594a25d583490930af2d3395cb013b20d08ff7"
 logic_hash = "20f1cd28f38945a3aa328e77e78525fb1ffc47ecf54d5a40c2f18264c3973989"
 score = 75
@@ -117462,8 +117487,8 @@ rule CAPE_Vbcrypter
 date = "2021-03-28"
 modified = "2021-03-28"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/VBCrypter.yar#L1-L11"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/VBCrypter.yar#L1-L11"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "a62bca62ab624ab1a2c2e612c5b7e6d543006026a49c07c46800499e31e41c4e"
 score = 75
 quality = 70
@@ -117485,8 +117510,8 @@ rule CAPE_Blister : FILE
 date = "2024-05-09"
 modified = "2024-05-09"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/Blister.yar#L1-L17"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/Blister.yar#L1-L17"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "aba379b93c85241cf250829832b2c8a5eaafb3abd0ff955dbaf0d06489c00deb"
 score = 75
 quality = 70
@@ -117514,8 +117539,8 @@ rule CAPE_Latrodectus : FILE
 date = "2024-02-26"
 modified = "2024-02-26"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/Latrodectus.yar#L1-L12"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/Latrodectus.yar#L1-L12"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 hash = "378d220bc863a527c2bca204daba36f10358e058df49ef088f8b1045604d9d05"
 logic_hash = "c2c9f23e287253d766425c05eb774f6e07bdcbabc259e04b723a1a87c8b91fbd"
 score = 75
@@ -117538,8 +117563,8 @@ rule CAPE_Xworm
 date = "2023-11-07"
 modified = "2023-11-07"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/XWorm.yar#L1-L11"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/XWorm.yar#L1-L11"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "d8e103f3470e83d71cd4992b74698c0721b8a69d764fdb7a4543997b2853014a"
 score = 75
 quality = 70
@@ -117561,8 +117586,8 @@ rule CAPE_Cargobayloader : FILE
 date = "2023-02-20"
 modified = "2023-02-20"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/CargoBayLoader.yar#L1-L13"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/CargoBayLoader.yar#L1-L13"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 hash = "75e975031371741498c5ba310882258c23b39310bd258239277708382bdbee9c"
 logic_hash = "1d5c4ca79f97e1fac358189a8c6530be12506974fc2fb42f63b0b621536a45c9"
 score = 75
@@ -117586,8 +117611,8 @@ rule CAPE_Bruteratelsyscall
 date = "2024-07-22"
 modified = "2024-07-22"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/BruteRatel.yar#L1-L12"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/BruteRatel.yar#L1-L12"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "5ed054b3cd5d2659c250945d55d6adac90945963c34ad2af0f8d7436141e86b6"
 score = 75
 quality = 70
@@ -117610,8 +117635,8 @@ rule CAPE_Bruteratelpacker
 date = "2024-07-22"
 modified = "2024-07-22"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/BruteRatel.yar#L14-L26"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/BruteRatel.yar#L14-L26"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "2ccb17efe378d034df34d20d7580c58171d0fd11c18fef6c9a23f1ba238514e6"
 score = 75
 quality = 70
@@ -117635,8 +117660,8 @@ rule CAPE_Bruterateldate
 date = "2024-07-22"
 modified = "2024-07-22"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/BruteRatel.yar#L28-L39"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/BruteRatel.yar#L28-L39"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "88589b2d08aea03565668ff1b9af20b6fe11cda50d867c60db7cb4d1826b0fd7"
 score = 75
 quality = 70
@@ -117659,8 +117684,8 @@ rule CAPE_Bruteratelconfig
 date = "2024-07-22"
 modified = "2024-07-22"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/BruteRatel.yar#L41-L51"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/BruteRatel.yar#L41-L51"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "b1815aafec940ab6c8daafc68ccf294845221ada260de5209dcb7e49ccd061c7"
 score = 75
 quality = 70
@@ -117682,8 +117707,8 @@ rule CAPE_Socks5Systemz : FILE
 date = "2024-05-22"
 modified = "2024-05-22"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/analyzer/windows/data/yara/Socks5Systemz.yar#L1-L18"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/analyzer/windows/data/yara/Socks5Systemz.yar#L1-L18"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "44b83b6d2ab39b4258ae0d97d00d02afdbb62a3973fd788584e4dea9db69cc1b"
 score = 75
 quality = 70
@@ -117712,8 +117737,8 @@ rule CAPE_Tclient : FILE
 date = "2022-06-09"
 modified = "2022-06-09"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/TClient.yar#L1-L11"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/TClient.yar#L1-L11"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "6edcd01e4722b367723ed77d9596877d16ee35dc4c160885d125f83e45cee24d"
 score = 75
 quality = 70
@@ -117735,8 +117760,8 @@ rule CAPE_Carbanak : FILE
 date = "2024-03-18"
 modified = "2024-03-18"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Carbanak.yar#L1-L14"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Carbanak.yar#L1-L14"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 hash = "c9c1b06cb9c9bd6fc4451f5e2847a1f9524bb2870d7bb6f0ee09b9dd4e3e4c84"
 logic_hash = "8ed5ab07f1635dc7cdf296e86a71a0a99d0b2faef8fc460f43d426b24b8c8367"
 score = 75
@@ -117761,8 +117786,8 @@ rule CAPE_Stealc : FILE
 date = "2024-09-10"
 modified = "2024-09-10"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Stealc.yar#L1-L13"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Stealc.yar#L1-L13"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 hash = "77d6f1914af6caf909fa2a246fcec05f500f79dd56e5d0d466d55924695c702d"
 logic_hash = "a6165168b7c74761b91d1691465688c748227b830813067edb4e9bdc934271c4"
 score = 75
@@ -117786,8 +117811,8 @@ rule CAPE_Azorult : FILE
 date = "2022-06-09"
 modified = "2022-06-09"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Azorult.yar#L1-L12"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Azorult.yar#L1-L12"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "4691cf48d513d1965416b0cce1b6e19c8f7b393a940afd68b7c6ca8c0d125d90"
 score = 75
 quality = 70
@@ -117810,8 +117835,8 @@ rule CAPE_Nitrogenloader
 date = "2024-12-02"
 modified = "2024-12-02"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/NitrogenLoader.yar#L1-L23"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/NitrogenLoader.yar#L1-L23"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "24117d6e04bc964c17c08c9918502410890d7ccdc2e9971f2d01f6f0b41d3836"
 score = 75
 quality = 70
@@ -117845,8 +117870,8 @@ rule CAPE_Ramnit : FILE
 date = "2019-10-30"
 modified = "2019-10-30"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Ramnit.yar#L1-L13"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Ramnit.yar#L1-L13"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "6f661f47bdf8377b0fb96f190fcb964c0ed2b43ce7ae7880f9dfce9e43837efd"
 score = 75
 quality = 70
@@ -117870,8 +117895,8 @@ rule CAPE_Cryptoshield : FILE
 date = "2019-10-30"
 modified = "2019-10-30"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Cryptoshield.yar#L1-L13"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Cryptoshield.yar#L1-L13"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "46064b4c69cb1af01330c5d194ef50728e0f0479e9fbf72828822935f8e37ac6"
 score = 75
 quality = 70
@@ -117895,8 +117920,8 @@ rule CAPE_Bitpaymer : FILE
 date = "2019-11-27"
 modified = "2019-11-27"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/BitPaymer.yar#L1-L13"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/BitPaymer.yar#L1-L13"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "6ae0dc9a36da13e483d8d653276b06f59ecc15c95c754c268dcc91b181677c4c"
 score = 75
 quality = 70
@@ -117919,8 +117944,8 @@ rule CAPE_Wanacry : FILE
 date = "2022-06-09"
 modified = "2022-06-09"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/WanaCry.yar#L1-L16"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/WanaCry.yar#L1-L16"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "16d5e39f043d27bbf22f8f21e13971b7e0709b07e44746dd157d11ee4cc51944"
 score = 75
 quality = 70
@@ -117946,8 +117971,8 @@ rule CAPE_Pikabotloader : FILE
 date = "2024-03-13"
 modified = "2024-03-13"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/PikaBot.yar#L1-L13"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/PikaBot.yar#L1-L13"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "7e5f1f2911545ee6bd36b54f2627fbdec1b957f4b91df901dd1c6cbd4dff0231"
 score = 75
 quality = 70
@@ -117971,8 +117996,8 @@ rule CAPE_Pikabot : FILE
 date = "2024-03-13"
 modified = "2024-03-13"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/PikaBot.yar#L15-L28"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/PikaBot.yar#L15-L28"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "ed07217c373831a9a67d914854154988696e6fcea70dedabf333385f0e7bb8b7"
 score = 75
 quality = 70
@@ -117997,8 +118022,8 @@ rule CAPE_Pik23 : FILE
 date = "2024-03-13"
 modified = "2024-03-13"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/PikaBot.yar#L30-L44"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/PikaBot.yar#L30-L44"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 hash = "59f42ecde152f78731e54ea27e761bba748c9309a6ad1c2fd17f0e8b90f8aed1"
 logic_hash = "71a71df2f2a075294941c54eed06cafaaa4d3294e45b3a0098c1cffddd0438bc"
 score = 75
@@ -118024,8 +118049,8 @@ rule CAPE_Doppelpaymer : FILE
 date = "2022-06-27"
 modified = "2022-06-27"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/DoppelPaymer.yar#L1-L13"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/DoppelPaymer.yar#L1-L13"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "73a2575671bafc31a70af3ce072d6f94ae172b12202baebba586a02524cb6f9d"
 score = 75
 quality = 70
@@ -118048,8 +118073,8 @@ rule CAPE_Atlas : FILE
 date = "2019-10-30"
 modified = "2019-10-30"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Atlas.yar#L1-L13"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Atlas.yar#L1-L13"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "c3f73b29df5caf804dbfe3e6ac07a9e2c772bd2a126f0487e4a65e72bd501e6e"
 score = 75
 quality = 70
@@ -118073,8 +118098,8 @@ rule CAPE_Magniber : FILE
 date = "2019-10-30"
 modified = "2019-10-30"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Magniber.yar#L1-L11"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Magniber.yar#L1-L11"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "1875754bdf98c1886f31f6c6e29992a98180f74d8fa168ae391e2c660d760618"
 score = 75
 quality = 70
@@ -118096,8 +118121,8 @@ rule CAPE_Seduploader : FILE
 date = "2022-06-09"
 modified = "2022-06-09"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Seduploader.yar#L1-L11"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Seduploader.yar#L1-L11"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "d70c886699169d4dafc5b063c93682a34af5667df6d293b52256ddc19ab9c516"
 score = 75
 quality = 70
@@ -118119,8 +118144,8 @@ rule CAPE_Buerloader_1 : FILE
 date = "2022-05-31"
 modified = "2022-05-31"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/BuerLoader.yar#L1-L12"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/BuerLoader.yar#L1-L12"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "05c1f008f0a2bb8232867977fb23a5ae8312f10f0637c6265561052596319c29"
 score = 75
 quality = 70
@@ -118144,8 +118169,8 @@ rule CAPE_Rhadamanthys_1
 date = "2023-09-18"
 modified = "2023-09-18"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Rhadamanthys.yar#L1-L14"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Rhadamanthys.yar#L1-L14"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "f71bee3ef1dd7b16a55397645d16c0a20d1fdd3bf662f241c0b11796629b11ff"
 score = 75
 quality = 70
@@ -118172,8 +118197,8 @@ rule CAPE_Nighthawk
 date = "2022-12-05"
 modified = "2022-12-05"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Nighthawk.yar#L3-L24"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Nighthawk.yar#L3-L24"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "2d77912678e06503ffef0e8ed84aa4f9ac74357480d57742fbae619acebfb5f2"
 score = 75
 quality = 70
@@ -118197,8 +118222,8 @@ rule CAPE_Nemty : FILE
 date = "2020-04-03"
 modified = "2020-04-03"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Nemty.yar#L1-L13"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Nemty.yar#L1-L13"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "a05974b561c67b4f1e0812639b74831edcf65686a06c0d380f0b45739e342419"
 score = 75
 quality = 70
@@ -118222,8 +118247,8 @@ rule CAPE_Kovter : FILE
 date = "2019-10-30"
 modified = "2019-10-30"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Kovter.yar#L1-L14"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Kovter.yar#L1-L14"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "888fccb8fbfbe6c05ec63bc5658b4743f8e10a96ef51b3868c2ff94afec76f2d"
 score = 75
 quality = 70
@@ -118248,8 +118273,8 @@ rule CAPE_Sedreco : FILE
 date = "2022-06-09"
 modified = "2022-06-09"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Sedreco.yar#L1-L15"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Sedreco.yar#L1-L15"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "f735549606917f59a19157e604e54766e4456bc5d46e94cae3e0a3c18b52a7ca"
 score = 75
 quality = 70
@@ -118273,8 +118298,8 @@ rule CAPE_Blackdropper
 date = "2024-10-22"
 modified = "2024-10-22"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/BlackDropper.yar#L1-L17"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/BlackDropper.yar#L1-L17"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 hash = "f8026ae3237bdd885e5fcaceb86bcab4087d8857e50ba472ca79ce44c12bc257"
 logic_hash = "c7f7bc740d413b479ebe45611ddfc04f7e4f2978516b2882069b2569c7acdf28"
 score = 75
@@ -118302,8 +118327,8 @@ rule CAPE_Hancitor : FILE
 date = "2020-10-20"
 modified = "2020-10-20"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Hancitor.yar#L1-L14"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Hancitor.yar#L1-L14"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "84003542a2f587b5fbd43731c4240759806f8ee46df2bd96aae4a3c09d97e41c"
 score = 75
 quality = 70
@@ -118328,8 +118353,8 @@ rule CAPE_Asyncrat : FILE
 date = "2024-10-09"
 modified = "2024-10-09"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/AsyncRAT.yar#L1-L17"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/AsyncRAT.yar#L1-L17"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "8f960131bb86e1c09127324bd5877364ab25e0cb37f5f9755230c7fed9094de3"
 score = 75
 quality = 66
@@ -118357,8 +118382,8 @@ rule CAPE_Asyncrat_Kingrat
 date = "2024-10-09"
 modified = "2024-10-09"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/AsyncRAT.yar#L19-L40"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/AsyncRAT.yar#L19-L40"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "2699ef93ae10b205b79025098afc1d1cfe7dbdf192f4d98a6e34a8f3de154810"
 score = 75
 quality = 62
@@ -118391,8 +118416,8 @@ rule CAPE_Cerber : FILE
 date = "2022-06-09"
 modified = "2022-06-09"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Cerber.yar#L1-L12"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Cerber.yar#L1-L12"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "16a8f808c28d3b142c079a305aba7f553f2452e439710bf610a06f8f2924d5a3"
 score = 75
 quality = 70
@@ -118414,8 +118439,8 @@ rule CAPE_Nettraveler : FILE
 date = "2022-06-09"
 modified = "2022-06-09"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/NetTraveler.yar#L1-L14"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/NetTraveler.yar#L1-L14"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "bf5026f1a1cb3d6986a29d22657a9f1904b362391a6715d7468f8f8aca351233"
 score = 75
 quality = 70
@@ -118439,8 +118464,8 @@ rule CAPE_Eternalromance : FILE
 date = "2022-06-09"
 modified = "2022-06-09"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/EternalRomance.yar#L1-L33"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/EternalRomance.yar#L1-L33"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "5390fae3e2411a715cdc965df8648c0c4c511d53d5f76031714f1b784b58eb0d"
 score = 75
 quality = 68
@@ -118484,8 +118509,8 @@ rule CAPE_Kronos : FILE
 date = "2020-07-02"
 modified = "2020-07-02"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Kronos.yar#L1-L14"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Kronos.yar#L1-L14"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "52ce9caf3627efe8ae86df6ca59e51e9f738e13ac0265f797e8d70123dbcaeb3"
 score = 75
 quality = 70
@@ -118510,8 +118535,8 @@ rule CAPE_Icedid
 date = "2021-12-16"
 modified = "2021-12-16"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/IcedID.yar#L1-L18"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/IcedID.yar#L1-L18"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "e60ccbab7a360020744eba65961156ca3e2ae9cf23671014f913d71c1a96a331"
 score = 75
 quality = 45
@@ -118540,8 +118565,8 @@ rule CAPE_Azer : FILE
 date = "2019-10-30"
 modified = "2019-10-30"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Azer.yar#L1-L13"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Azer.yar#L1-L13"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "48bd4a4e071f10d1911c4173a0cd39c69fed7a3b29eb92beffe709899f4cefa5"
 score = 75
 quality = 70
@@ -118565,8 +118590,8 @@ rule CAPE_Emotetloader : FILE
 date = "2022-05-31"
 modified = "2022-05-31"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/EmotetLoader.yar#L1-L12"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/EmotetLoader.yar#L1-L12"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "410872d25ed3a89a2cba108f952d606cd1c3bf9ccc89ae6ab3377b83665c2773"
 score = 75
 quality = 70
@@ -118588,8 +118613,8 @@ rule CAPE_Squirrelwaffle : FILE
 date = "2021-10-13"
 modified = "2021-10-13"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/SquirrelWaffle.yar#L1-L11"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/SquirrelWaffle.yar#L1-L11"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "5f799333398421d537ec7a87ca94f6cc9cf1e53e55b353036a5132440990e500"
 score = 75
 quality = 70
@@ -118612,8 +118637,8 @@ rule CAPE_Ursnifv3_1 : FILE
 date = "2023-03-23"
 modified = "2023-03-23"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/UrsnifV3.yar#L1-L18"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/UrsnifV3.yar#L1-L18"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "501cd52388aba16f9d33b4555f310e1ad58326916b15358a485c701acb87abd8"
 score = 75
 quality = 70
@@ -118642,8 +118667,8 @@ rule CAPE_Trickbot
 date = "2023-02-07"
 modified = "2023-02-07"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/TrickBot.yar#L1-L20"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/TrickBot.yar#L1-L20"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "47cc2070b43957601a72745329a9d14fb3fbfd4d2b31cacc35d4ac750dde31ea"
 score = 75
 quality = 70
@@ -118674,8 +118699,8 @@ rule CAPE_Trickbot_Permadll_UEFI_Module
 date = "2023-02-07"
 modified = "2023-02-07"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/TrickBot.yar#L22-L38"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/TrickBot.yar#L22-L38"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 hash = "491115422a6b94dc952982e6914adc39"
 logic_hash = "564055f56fd19bed8900e6d451ba050b4e9013a9208a3bdc3d3d563567d225d2"
 score = 75
@@ -118703,8 +118728,8 @@ rule CAPE_Bumblebeeshellcode_1
 date = "2024-10-29"
 modified = "2024-10-29"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/BumbleBee.yar#L18-L33"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/BumbleBee.yar#L18-L33"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "d56f8c4e491d0d1b34e396e73750bef9917ca4f708fb6a2681de772a65c13a40"
 score = 75
 quality = 70
@@ -118731,8 +118756,8 @@ rule CAPE_Bumblebee2024
 date = "2024-10-29"
 modified = "2024-10-29"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/BumbleBee.yar#L52-L68"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/BumbleBee.yar#L52-L68"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "db58272c1ba74bc6e6a90bdacf7e8feec94be5da2b5123e0475ce86448f3edb2"
 score = 75
 quality = 70
@@ -118760,8 +118785,8 @@ rule CAPE_Varenyky : FILE
 date = "2019-10-30"
 modified = "2019-10-30"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Varenyky.yar#L1-L11"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Varenyky.yar#L1-L11"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "602f1b8b60b29565eabe2171fde4eb58546af68f8acecad402a7a51ea9a08ed9"
 score = 75
 quality = 70
@@ -118783,8 +118808,8 @@ rule CAPE_Gootkit : FILE
 date = "2019-10-30"
 modified = "2019-10-30"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Gootkit.yar#L1-L11"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Gootkit.yar#L1-L11"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "26704b6b0adca51933fc9d5e097930320768fd0e9355dcefc725aee7775316e7"
 score = 75
 quality = 70
@@ -118806,8 +118831,8 @@ rule CAPE_Badrabbit : FILE
 date = "2019-10-30"
 modified = "2019-10-30"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/BadRabbit.yar#L1-L13"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/BadRabbit.yar#L1-L13"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "309e14ab4ea2f919358631f9d8b2aaff1f51e7708b6114e4e6bf4a9d9a5fc86c"
 score = 75
 quality = 70
@@ -118831,8 +118856,8 @@ rule CAPE_Rozena
 date = "2024-03-15"
 modified = "2024-03-15"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Rozena.yar#L1-L10"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Rozena.yar#L1-L10"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "c415a8108b58a125a604031bb8d73b58a8aae5429b5b765e35fa8a4add9cd135"
 score = 75
 quality = 70
@@ -118855,8 +118880,8 @@ rule CAPE_Ryuk : FILE
 date = "2019-10-30"
 modified = "2019-10-30"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Ryuk.yar#L1-L14"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Ryuk.yar#L1-L14"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "b4463993d8956e402b927a3dcfa2ca9693a959908187f720372f2d3a40e6db0c"
 score = 75
 quality = 70
@@ -118881,8 +118906,8 @@ rule CAPE_Megacortex : FILE
 date = "2019-10-30"
 modified = "2019-10-30"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/MegaCortex.yar#L1-L13"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/MegaCortex.yar#L1-L13"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "5de1d8241260070241c91b97f18feb2a90069e3b158e863e2d9f568799c244e6"
 score = 75
 quality = 70
@@ -118906,8 +118931,8 @@ rule CAPE_Zerot : FILE
 date = "2019-10-30"
 modified = "2019-10-30"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/ZeroT.yar#L1-L15"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/ZeroT.yar#L1-L15"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "f60ae25ac3cd741b8bdc5100b5d3c474b5d9fbe8be88bfd184994bae106c3803"
 score = 75
 quality = 68
@@ -118933,8 +118958,8 @@ rule CAPE_Dreambot : FILE
 date = "2019-10-30"
 modified = "2019-10-30"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Dreambot.yar#L1-L14"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Dreambot.yar#L1-L14"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "29c6d648d5d38667c5824c2d20a83a20448c2ae6054ddddb2b2b7f8bdb69f74b"
 score = 75
 quality = 70
@@ -118959,8 +118984,8 @@ rule CAPE_Dridexv4 : FILE
 date = "2022-05-31"
 modified = "2022-05-31"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/DridexV4.yar#L1-L15"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/DridexV4.yar#L1-L15"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "cb103fe5f2d4792e3c612db4e2d84a4c8b0ce0f9a8443e9147e2c345f1dbdff6"
 score = 75
 quality = 70
@@ -118986,8 +119011,8 @@ rule CAPE_Rokrat : FILE
 date = "2022-06-09"
 modified = "2022-06-09"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/RokRat.yar#L1-L12"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/RokRat.yar#L1-L12"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "2aaa7de7ccd59e0da690f4bc0c7deaacf61314d61f8d2aa3ce6f6892f50612ec"
 score = 75
 quality = 70
@@ -119010,8 +119035,8 @@ rule CAPE_Hermes : FILE
 date = "2019-10-30"
 modified = "2019-10-30"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Hermes.yar#L1-L13"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Hermes.yar#L1-L13"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "9bc974173f39a57e7adfbf8ae106a20d960557696b4c3ce16e9b4e47d3e9e95b"
 score = 75
 quality = 70
@@ -119035,8 +119060,8 @@ rule CAPE_Tscookie : FILE
 date = "2019-10-30"
 modified = "2019-10-30"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/TSCookie.yar#L1-L13"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/TSCookie.yar#L1-L13"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "0461c7fd14c74646437654f0a63a4a89d4efad620e197a8ca1e8d390618842c3"
 score = 75
 quality = 70
@@ -119060,8 +119085,8 @@ rule CAPE_Remcos : FILE
 date = "2022-05-10"
 modified = "2022-05-10"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Remcos.yar#L1-L14"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Remcos.yar#L1-L14"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "38142e784ad437d9592353b924f74777bb62e5ed176c811230a2021a437d4710"
 score = 75
 quality = 68
@@ -119086,8 +119111,8 @@ rule CAPE_Rcsession
 date = "2019-10-30"
 modified = "2019-10-30"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/RCSession.yar#L1-L12"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/RCSession.yar#L1-L12"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "ebd1e9e615a91c35b36332cad55519607323469df738cec4464288b45787630d"
 score = 75
 quality = 70
@@ -119110,8 +119135,8 @@ rule CAPE_Quasarrat : FILE
 date = "2024-10-09"
 modified = "2024-10-09"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/QuasarRAT.yar#L1-L22"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/QuasarRAT.yar#L1-L22"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "556b19dc0980761198ea31a285f281adae084463d24bff1eda15326436ad562b"
 score = 75
 quality = 70
@@ -119145,8 +119170,8 @@ rule CAPE_Quasarrat_Kingrat
 date = "2024-10-09"
 modified = "2024-10-09"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/QuasarRAT.yar#L24-L43"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/QuasarRAT.yar#L24-L43"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "1f4296a592134edbe52e256dc353143af02e897ff1afad98f3dac0c5ab13f3f7"
 score = 75
 quality = 70
@@ -119178,8 +119203,8 @@ rule CAPE_Fareit : FILE
 date = "2022-06-09"
 modified = "2022-06-09"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Fareit.yar#L1-L11"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Fareit.yar#L1-L11"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "ed35391ffc949219f380da3f22bc8397a7d5c742bd68e227c3becdebcab5cf83"
 score = 75
 quality = 70
@@ -119201,8 +119226,8 @@ rule CAPE_Bazar : FILE
 date = "2022-06-09"
 modified = "2022-06-09"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Bazar.yar#L1-L11"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Bazar.yar#L1-L11"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "9375f59b56e47fd0b90b089afdf3be8f16f960038fc625523a2e2d5509ab099d"
 score = 75
 quality = 70
@@ -119225,8 +119250,8 @@ rule CAPE_Locky : FILE
 date = "2022-06-09"
 modified = "2022-06-09"
 reference = "https://github.com/kevoreilly/CAPEv2"
- source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Locky.yar#L1-L14"
- license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE"
+ source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Locky.yar#L1-L14"
+ license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE"
 logic_hash = "9786c54a2644d9581fefe64be11b26e22806398e54e961fa4f19d26eae039cd7"
 score = 75
 quality = 70
@@ -119250,8 +119275,8 @@ rule CAPE_Lockbit : FILE date = "2022-06-09" modified = "2022-06-09" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Lockbit.yar#L1-L15" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Lockbit.yar#L1-L15" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "80ab705c8246a0bd5b3de65146cf32b102f39bf9444bdf1d366b5a794c1229b9" score = 75 quality = 70 @@ -119277,8 +119302,8 @@ rule CAPE_Amadey : FILE date = "2023-09-04" modified = "2023-09-04" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Amadey.yar#L1-L14" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Amadey.yar#L1-L14" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" hash = "988258716d5296c1323303e8fe4efd7f4642c87bfdbe970fe9a3bb3f410f70a4" logic_hash = "38f710b422a3644c9f0f3e80ad9ff28ef02050368c651a6cc2ce8b152b67bf48" score = 75 
@@ -119303,8 +119328,8 @@ rule CAPE_Jaff : FILE date = "2019-10-30" modified = "2019-10-30" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Jaff.yar#L1-L14" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Jaff.yar#L1-L14" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "6806a5eeee04b7436ff694addc334bfc0f1ee611116904d57be9506acfd47418" score = 75 quality = 70 @@ -119329,8 +119354,8 @@ rule CAPE_Petrwrap : FILE date = "2022-06-09" modified = "2022-06-09" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/PetrWrap.yar#L1-L15" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/PetrWrap.yar#L1-L15" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "6dd1cf5639b63d0ab41b24080dad68d285f2e3969ad34fd724c83e7a0dd4b968" score = 75 quality = 70 
@@ -119355,8 +119380,8 @@ rule CAPE_Scarab : FILE date = "2019-10-30" modified = "2019-10-30" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Scarab.yar#L1-L13" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Scarab.yar#L1-L13" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "0d8fa7ab4c8e5699f17f9e9444e85a42563a840a8e7ee9eda54add3a6845d1c6" score = 75 quality = 70 @@ -119380,8 +119405,8 @@ rule CAPE_Oyster date = "2024-05-30" modified = "2024-05-30" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Oyster.yar#L1-L19" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Oyster.yar#L1-L19" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" hash = "8bae0fa9f589cd434a689eebd7a1fde949cc09e6a65e1b56bb620998246a1650" logic_hash = "23ab1518712dbce8319b87785d7ffc0c2b61de82c2bbf533ebf0aae39ec33540" score = 75 
@@ -119411,8 +119436,8 @@ rule CAPE_Dridexloader_1 : FILE date = "2021-03-10" modified = "2021-03-10" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/DridexLoader.yar#L1-L17" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/DridexLoader.yar#L1-L17" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "20696b1f14539c8ecf21bffc696596040c20b1ee2fcedc173945482c0baca588" score = 75 quality = 70 @@ -119439,8 +119464,8 @@ rule CAPE_Mole : FILE date = "2019-10-30" modified = "2019-10-30" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Mole.yar#L1-L13" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Mole.yar#L1-L13" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "8be4d190d554a610360c0e04b33da59eb00319395e5b2000d580546ce6503786" score = 75 quality = 70 
@@ -119464,8 +119489,8 @@ rule CAPE_Gandcrab : FILE date = "2022-06-09" modified = "2022-06-09" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Gandcrab.yar#L1-L14" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Gandcrab.yar#L1-L14" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "354ed566dbafbe8e9531bb771d9846952eb8c0e70ee94c26d09368159ce4142c" score = 75 quality = 70 @@ -119490,8 +119515,8 @@ rule CAPE_Masslogger : FILE date = "2020-11-24" modified = "2020-11-24" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/MassLogger.yar#L1-L12" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/MassLogger.yar#L1-L12" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "c8d82694810aafbdc6a35a661e7431e9536035e2f7fef90b9359064c4209b66c" score = 75 quality = 70 
@@ -119514,8 +119539,8 @@ rule CAPE_Aurorastealer : FILE date = "2022-12-14" modified = "2023-03-31" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/AuroraStealer.yar#L1-L74" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/AuroraStealer.yar#L1-L74" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "0d10e9268184f494a73d5b4ab0d9a478ad0c26d2ef13d5134f8c9769f028b8f5" score = 75 quality = 45 @@ -119594,8 +119619,8 @@ rule CAPE_Agent_Tesla date = "2024-03-22" modified = "2024-03-22" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/AgentTesla.yar#L1-L17" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/AgentTesla.yar#L1-L17" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "3945754129dcc58e0abfd7485f5ff0c0afdd1078ae2cf164ca8f59a6f79db1be" score = 75 quality = 70 
@@ -119621,8 +119646,8 @@ rule CAPE_Agenttesla : FILE date = "2024-03-22" modified = "2024-03-22" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/AgentTesla.yar#L19-L41" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/AgentTesla.yar#L19-L41" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "1bf9b26c4cf87e674ddffabe40aba5a45499c6a04d4ff3e43c3cda4cbcb4d188" score = 75 quality = 70 @@ -119654,8 +119679,8 @@ rule CAPE_Agentteslav2 : FILE date = "2024-03-22" modified = "2024-03-22" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/AgentTesla.yar#L43-L67" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/AgentTesla.yar#L43-L67" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "b45296b3b94fa1ff32de48c94329a17402461fb6696e9390565c4dba9738ed78" score = 75 quality = 70 
@@ -119691,8 +119716,8 @@ rule CAPE_Agentteslav3 : FILE date = "2024-03-22" modified = "2024-03-22" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/AgentTesla.yar#L69-L111" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/AgentTesla.yar#L69-L111" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "26c4fa0ce8de6982eb599f3872e8ab2a6e83da4741db7f3500c94e0a8fe5d459" score = 75 quality = 68 @@ -119745,8 +119770,8 @@ rule CAPE_Agentteslaxor : FILE date = "2024-03-22" modified = "2024-03-22" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/AgentTesla.yar#L113-L123" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/AgentTesla.yar#L113-L123" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "54581e83e5fa13fae4bda74016b3fa1d18c92e2659f493ebe54d70fd5f77bba5" score = 75 quality = 20 
@@ -119768,8 +119793,8 @@ rule CAPE_Agentteslav4 : FILE date = "2024-03-22" modified = "2024-03-22" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/AgentTesla.yar#L125-L138" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/AgentTesla.yar#L125-L138" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "0a39036f408728ab312a54ff3354453d171424f57f9a8f3b42af867be3037ca9" score = 75 quality = 70 @@ -119794,8 +119819,8 @@ rule CAPE_Zloader_1 : FILE date = "2024-05-06" modified = "2024-05-06" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Zloader.yar#L1-L18" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Zloader.yar#L1-L18" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" hash = "adbd0c7096a7373be82dd03df1aae61cb39e0a155c00bbb9c67abc01d48718aa" logic_hash = "a94efd87c69146cf5771341974e5abe789445d67dde3e045e1b87d3131539ff9" score = 75 
@@ -119824,8 +119849,8 @@ rule CAPE_Petya : FILE date = "2019-10-30" modified = "2019-10-30" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Petya.yar#L1-L13" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Petya.yar#L1-L13" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "f819261bb34f3b2eb7dc2f843b56be25105570fe902a77940a632a54fbe0d014" score = 75 quality = 70 @@ -119849,8 +119874,8 @@ rule CAPE_Lokibot : FILE date = "2022-02-01" modified = "2022-02-01" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/LokiBot.yar#L1-L12" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/LokiBot.yar#L1-L12" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "a5b3d518371138740e913d2d6ce4fa22d3da5cea7e034c7d6b4b502e6bf44b06" score = 75 quality = 70 
@@ -119873,8 +119898,8 @@ rule CAPE_Smokeloader_1 date = "2024-11-12" modified = "2024-11-12" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/SmokeLoader.yar#L1-L14" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/SmokeLoader.yar#L1-L14" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "779e2ac213e5ced7bc06e6208826b65cf8fc3113a69ede6408b84055542fa76d" score = 75 quality = 70 @@ -119899,8 +119924,8 @@ rule CAPE_Xenorat date = "2024-10-09" modified = "2024-10-09" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/XenoRAT.yar#L1-L14" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/XenoRAT.yar#L1-L14" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "26f520fb69a52d05786fac0e9e38f5db9601da0a3e7768e00975a9684f3560ef" score = 75 quality = 66 
@@ -119927,8 +119952,8 @@ rule CAPE_Formbook date = "2023-10-13" modified = "2023-10-13" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Formbook.yar#L1-L18" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Formbook.yar#L1-L18" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "63ee4dd6fe5ed2a3e5ee88ba7de48d2c9e0024961a550d0fdb68891c9885e05e" score = 75 quality = 70 @@ -119957,8 +119982,8 @@ rule CAPE_Nanolocker : FILE date = "2019-10-30" modified = "2019-10-30" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/NanoLocker.yar#L1-L13" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/NanoLocker.yar#L1-L13" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "fe6c8a4e259c3c526f8f50771251f6762b2b92a4df2e8bfc705f282489f757db" score = 75 quality = 70 
@@ -119977,14 +120002,14 @@ rule CAPE_Arkei : FILE { meta: description = "Arkei Payload" - author = "kevoreilly" - id = "22ebe194-19a9-5bf2-9cfc-ea27b7724572" - date = "2020-02-11" - modified = "2020-02-11" + author = "kevoreilly, YungBinary" + id = "18363a5b-46f3-5d11-9bc6-a91f81b49706" + date = "2025-01-10" + modified = "2025-01-10" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Arkei.yar#L1-L24" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" - logic_hash = "03980827db1c53d4090ab196ba820ca34b5d83dc7140b11ead9182cb5d28c7d3" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Arkei.yar#L1-L50" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" + logic_hash = "296e420880d8d2f24424d0411e7ef4939e18147689557512f410da48498a44c9" score = 75 quality = 70 tags = "FILE" @@ -120004,9 +120029,31 @@ rule CAPE_Arkei : FILE $v7 = "files\\cc_" ascii wide $v8 = "files\\autofill_" ascii wide $v9 = "files\\cookies_" ascii wide + $loaded_modules = { + 64 A1 30 00 00 00 + 8B 40 0C + 8B 40 0C + 8B 00 + 8B 00 + 8B 40 18 + 89 45 FC + 8B 45 FC + 8B E5 + 5D + C3 + } + $language_check = { + FF 15 ?? ?? ?? ?? + 0F B7 C0 + 89 45 ?? + 81 7D ?? 3F 04 ?? ?? + 7F + } + $ext1 = ".zoo" ascii + $ext2 = ".arc" ascii condition: - uint16( 0 ) == 0x5A4D and ( all of ( $string* ) or 7 of ( $v* ) ) + uint16( 0 ) == 0x5A4D and ( ( $loaded_modules and $language_check and $ext1 and $ext2 ) or ( all of ( $string* ) or 7 of ( $v* ) ) ) } rule CAPE_Lumma_1 : FILE { 
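Review bot: The new first branch of the condition relies on `$ext1 = ".zoo" ascii` and `$ext2 = ".arc" ascii`, two four-byte strings with no `fullword` or offset constraint, so they will match in many unrelated PE files and the branch's specificity rests entirely on `$loaded_modules` and `$language_check`. Both hex strings also arrive without a comment; I would add `// x86: fs:[0x30] PEB -> Ldr -> InLoadOrderModuleList, third load-order entry's DllBase` above `$loaded_modules` and `// compares the zero-extended 16-bit result of an indirect call with 0x043F` above `$language_check`. In `$language_check` the high bytes of the compare immediate are wildcarded; `81 7D ?? 3F 04 00 00` would be tighter if the reference samples allow it, since `0F B7 C0` zero-extends the value first. This file is vendored from YARA Forge, so these changes belong in the CAPEv2 rule upstream rather than in this copy.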
@@ -120017,8 +120064,8 @@ rule CAPE_Lumma_1 : FILE date = "2024-10-22" modified = "2024-10-22" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Lumma.yar#L1-L15" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Lumma.yar#L1-L15" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "44408ffa7870dbc1a8a31567dd743f46542da01ed8083e5413392920b9d1bafe" score = 75 quality = 70 @@ -120044,8 +120091,8 @@ rule CAPE_Koiloader date = "2024-10-25" modified = "2024-10-25" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/KoiLoader.yar#L1-L35" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/KoiLoader.yar#L1-L35" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" hash = "b462e3235c7578450b2b56a8aff875a3d99d22f6970a01db3ba98f7ecb6b01a0" logic_hash = "264a536632f8f11c904b00c9d2e505b3263c733ad8fbc2ef19c25a5ad58cef90" score = 75 
@@ -120089,8 +120136,8 @@ rule CAPE_Conti : FILE date = "2021-03-15" modified = "2021-03-15" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Conti.yar#L1-L13" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Conti.yar#L1-L13" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "c9842f93d012d0189b9c6f10ad558b37ae66226bbb619ad677f6906ccaf0e848" score = 75 quality = 70 @@ -120114,8 +120161,8 @@ rule CAPE_Qakbot5_1 : FILE date = "2024-04-28" modified = "2024-04-28" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/QakBot.yar#L1-L15" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/QakBot.yar#L1-L15" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" hash = "59559e97962e40a15adb2237c4d01cfead03623aff1725616caeaa5a8d273a35" logic_hash = "cc23a92f45619d44af824128b743c259dd9dfa7cb5106932f3425f3dfd1dccdf" score = 75 
@@ -120141,8 +120188,8 @@ rule CAPE_Qakbot4_1 : FILE date = "2024-04-28" modified = "2024-04-28" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/QakBot.yar#L17-L35" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/QakBot.yar#L17-L35" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "b2870e33abffbb3ff49b7891b0f5c538ab48ee63da5553929d4e37dec921344f" score = 75 quality = 70 @@ -120172,8 +120219,8 @@ rule CAPE_Ursnif : FILE date = "2019-10-30" modified = "2019-10-30" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Ursnif.yar#L1-L19" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Ursnif.yar#L1-L19" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "46e79fde81ff5352314618021e394b2e0322df07170c7279363290b7134935fd" score = 75 quality = 70 
@@ -120202,8 +120249,8 @@ rule CAPE_Codoso : FILE date = "2019-10-30" modified = "2019-10-30" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Codoso.yar#L1-L13" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Codoso.yar#L1-L13" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "32c9ed2ac29e8905266977a9ee573a252442d96fb9ec97d88642180deceec3f8" score = 75 quality = 70 @@ -120227,8 +120274,8 @@ rule CAPE_Cobaltstrikestager date = "2023-01-18" modified = "2023-01-18" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/CobaltStrikeStager.yar#L1-L15" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/CobaltStrikeStager.yar#L1-L15" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "6a55b0c3ab5f557dfb7a3f8bd616ede1bd9b93198590fc9d52aa19c1154388c5" score = 75 quality = 70 
@@ -120253,8 +120300,8 @@ rule CAPE_Blister_1 : FILE date = "2023-09-20" modified = "2023-09-20" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Blister.yar#L1-L17" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Blister.yar#L1-L17" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" hash = "afb77617a4ca637614c429440c78da438e190dd1ca24dc78483aa731d80832c2" hash = "d3eab2a134e7bd3f2e8767a6285b38d19cd3df421e8af336a7852b74f194802c" logic_hash = "f26d85fdf0eb07e67fe38c43c5f6d024bfb7b2a333cb3411f5cdcff6bf5db12d" @@ -120282,8 +120329,8 @@ rule CAPE_Latrodectus_1 date = "2024-09-03" modified = "2024-09-03" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Latrodectus.yar#L1-L16" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Latrodectus.yar#L1-L16" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" hash = "a547cff9991a713535e5c128a0711ca68acf9298cc2220c4ea0685d580f36811" logic_hash = "2f98d570bf9a490eecd2807599b93023ccacab86f3b7674f0118bbebd4dd2776" score = 75 
@@ -120310,8 +120357,8 @@ rule CAPE_Latrodectus_AES date = "2024-09-03" modified = "2024-09-03" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Latrodectus.yar#L18-L34" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Latrodectus.yar#L18-L34" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" hash = "5cecb26a3f33c24b92a0c8f6f5175da0664b21d7c4216a41694e4a4cad233ca8" logic_hash = "1f00f6f187f15d39a30e15ffd14dae07707141999271ad4ac6a75ff4d93dd54d" score = 75 @@ -120339,8 +120386,8 @@ rule CAPE_Kpot : FILE date = "2020-10-19" modified = "2020-10-19" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Kpot.yar#L1-L13" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Kpot.yar#L1-L13" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "75abaab9a10e8ac8808425c389238285ab9bd9cb76f0cd03cc1e35b3ea0a1b0f" score = 75 quality = 70 
@@ -120364,8 +120411,8 @@ rule CAPE_Zeuspanda : FILE date = "2022-06-09" modified = "2022-06-09" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/ZeusPanda.yar#L1-L13" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/ZeusPanda.yar#L1-L13" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "43d8a56cae9fd23c053f6956851734d3270b46a906236854502c136e3bb1e761" score = 75 quality = 70 @@ -120388,8 +120435,8 @@ rule CAPE_Xworm_1 : FILE date = "2024-10-09" modified = "2024-10-09" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/XWorm.yar#L1-L27" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/XWorm.yar#L1-L27" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "5a86c2f0a188135e53d86c176806a208abbe3dd830bde364016859ffa5294bd7" score = 75 quality = 68 
@@ -120428,8 +120475,8 @@ rule CAPE_Xworm_Kingrat date = "2024-10-09" modified = "2024-10-09" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/XWorm.yar#L29-L46" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/XWorm.yar#L29-L46" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "3914be652bb7271e5e6b89d05edf10a54f8ddaf9e22d194b60501aa2cdd495d3" score = 75 quality = 66 @@ -120460,8 +120507,8 @@ rule CAPE_Vidar : FILE date = "2023-04-21" modified = "2023-04-21" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/Vidar.yar#L1-L22" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/Vidar.yar#L1-L22" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "5d4c030536ed41cf4e0dcb77b2fe4553d789ee2b8095a4b3e050692335a8709d" score = 75 quality = 70 
@@ -120494,8 +120541,8 @@ rule CAPE_Dcrat : FILE date = "2024-10-09" modified = "2024-10-09" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/DCRat.yar#L1-L66" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/DCRat.yar#L1-L66" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "5a02dcc2b9c7eb3efdba39047e37886240b45fb7e2db3b82aa5b4b9526dfb7f8" score = 75 quality = 45 @@ -120568,8 +120615,8 @@ rule CAPE_Dcrat_Kingrat date = "2024-10-09" modified = "2024-10-09" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/DCRat.yar#L68-L87" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/DCRat.yar#L68-L87" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "73ac27c3f0fc71d053e89690b5a7d29c1f8b0ea0a22e8595148a9001799fae54" score = 75 quality = 62 
@@ -120601,8 +120648,8 @@ rule CAPE_Bruteratel date = "2024-07-11" modified = "2024-07-11" reference = "https://github.com/kevoreilly/CAPEv2" - source_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/data/yara/CAPE/BruteRatel.yar#L1-L14" - license_url = "https://github.com/kevoreilly/CAPEv2/blob/8ce9f63374fd91e788c42b37b4853baea69c52d7/LICENSE" + source_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/data/yara/CAPE/BruteRatel.yar#L1-L14" + license_url = "https://github.com/kevoreilly/CAPEv2/blob/19280c6ec63803abade1d5fc7292d2228a67990a/LICENSE" logic_hash = "0984977c716d6f8e068c045166eb5db77c9fbce27513e555dceca348375f1a66" score = 75 quality = 70 @@ -120622,7 +120669,7 @@ rule CAPE_Bruteratel * YARA Rule Set * Repository Name: BinaryAlert * Repository: https://github.com/airbnb/binaryalert/ - * Retrieval Date: 2025-01-26 + * Retrieval Date: 2025-02-02 * Git Commit: a9c0f06affc35e1f8e45bb77f835b92350c68a0b * Number of Rules: 80 * Skipped: 0 (age), 1 (quality), 0 (score), 0 (importance) @@ -121671,8 +121718,8 @@ rule BINARYALERT_Hacktool_Windows_Mimikatz_Errors condition: all of them } -import "pe" import "math" +import "pe" rule BINARYALERT_Hacktool_Windows_Cobaltstrike_Artifact_Exe : FILE { @@ -123088,7 +123135,7 @@ rule BINARYALERT_Malware_Windows_Winnti_Loadperf_Dll_Loader * YARA Rule Set * Repository Name: DeadBits * Repository: https://github.com/deadbits/yara-rules/ - * Retrieval Date: 2025-01-26 + * Retrieval Date: 2025-02-02 * Git Commit: d002f7ecee23e09142a3ac3e79c84f71dda3f001 * Number of Rules: 19 * Skipped: 0 (age), 4 (quality), 0 (score), 0 (importance) 
@@ -123823,7 +123870,7 @@ rule DEADBITS_Acbackdoor_ELF : LINUX MALWARE BACKDOOR
 description = "No description has been set in the source file - DeadBits"
 author = "Adam M. Swanda"
 id = "82eb41bf-cd1d-5b00-973b-31a79c75cfc0"
- date = "2019-11-26"
+ date = "2019-11-02"
 modified = "2019-12-04"
 reference = "https://www.intezer.com/blog-acbackdoor-analysis-of-a-new-multiplatform-backdoor/"
 source_url = "https://github.com/deadbits/yara-rules//blob/d002f7ecee23e09142a3ac3e79c84f71dda3f001/rules/ACBackdoor_Linux.yara#L1-L41"
@@ -123941,7 +123988,7 @@ rule DEADBITS_Jsworm : MALWARE FILE
 * YARA Rule Set
 * Repository Name: DelivrTo
 * Repository: https://github.com/delivr-to/detections
- * Retrieval Date: 2025-01-26
+ * Retrieval Date: 2025-02-02
 * Git Commit: 5f5a94db9cbb9a0ae785ada7ae654a4dfbd3dcb1
 * Number of Rules: 9
 * Skipped: 0 (age), 2 (quality), 0 (score), 0 (importance)
@@ -124168,7 +124215,7 @@ rule DELIVRTO_SUSP_Msg_CVE_2023_23397_Mar23 : CVE_2023_23397 FILE
 * YARA Rule Set
 * Repository Name: ESET
 * Repository: https://github.com/eset/malware-ioc
- * Retrieval Date: 2025-01-26
+ * Retrieval Date: 2025-02-02
 * Git Commit: 2870295e7fb7fcb44f65e15693ea5ba9970f3bbf
 * Number of Rules: 103
 * Skipped: 0 (age), 5 (quality), 0 (score), 0 (importance)
@@ -125206,7 +125253,7 @@ rule ESET_Apt_Windows_TA410_Flowcloud_Header_Decryption : FILE
 description = "Matches the function used to decrypt resources headers in TA410 FlowCloud"
 author = "ESET Research"
 id = "403c1845-bc25-5a49-8553-8a0be18d6970"
- date = "2025-01-26"
+ date = "2025-01-02"
 modified = "2022-04-27"
 reference = "https://github.com/eset/malware-ioc/"
 source_url = "https://github.com/eset/malware-ioc/blob/2870295e7fb7fcb44f65e15693ea5ba9970f3bbf/ta410/ta410.yar#L417-L496"
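Review bot: The `date` value of DEADBITS_Acbackdoor_ELF moves from `2019-11-26` to `2019-11-02` although its `modified` stays `2019-12-04` and the DeadBits source commit is unchanged, so the field follows the retrieval day (the 26th, then the 2nd) rather than when the rule was written; it looks as if the pack generator fills missing date parts from its run date. The same drift shows in ESET_Apt_Windows_TA410_Flowcloud_Header_Decryption (`2025-01-26` to `2025-01-02`, with `modified = "2022-04-27"`) and in the TRELLIX_ARC rule hunks further down that go from `2025-01-01` to `2025-02-01` while `modified` stays in 2020 or 2021. Anything that ages, sorts or suppresses rules by `date` should fall back to `modified` for these entries, and the drift is better reported to the pack's maintainers than patched in this vendored file. Each of these rules continues outside its hunk, so the rest of its metadata is not visible here.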
@@ -127895,7 +127942,7 @@ rule ESET_Prikormka * YARA Rule Set * Repository Name: FireEye-RT * Repository: https://github.com/mandiant/red_team_tool_countermeasures/ - * Retrieval Date: 2025-01-26 + * Retrieval Date: 2025-02-02 * Git Commit: 3561b71724dbfa3e2bb78106aaa2d7f8b892c43b * Number of Rules: 167 * Skipped: 0 (age), 4 (quality), 0 (score), 0 (importance) @@ -132594,7 +132641,7 @@ rule FIREEYE_RT_Loader_Win_Generic_18 : FILE * YARA Rule Set * Repository Name: GCTI * Repository: https://github.com/chronicle/GCTI - * Retrieval Date: 2025-01-26 + * Retrieval Date: 2025-02-02 * Git Commit: 1c5fd42b1895098527fde00c2d9757edf6b303bb * Number of Rules: 90 * Skipped: 0 (age), 1 (quality), 0 (score), 0 (importance) @@ -135811,7 +135858,7 @@ rule GCTI_Cobaltstrike_Resources_Artifact32_V3_14_To_V4_X * YARA Rule Set * Repository Name: Malpedia * Repository: https://github.com/malpedia/signator-rules/ - * Retrieval Date: 2025-01-26 + * Retrieval Date: 2025-02-02 * Git Commit: 6558c417dcf07146b1309b6acde6be0aa96dea10 * Number of Rules: 1469 * Skipped: 0 (age), 15 (quality), 0 (score), 0 (importance) @@ -196874,7 +196921,7 @@ rule MALPEDIA_Win_Contopee_Auto : FILE * YARA Rule Set * Repository Name: Trellix ARC * Repository: https://github.com/advanced-threat-research/Yara-Rules/ - * Retrieval Date: 2025-01-26 + * Retrieval Date: 2025-02-02 * Git Commit: fc51a3fe3b450838614a5a5aa327c6bd8689cbb2 * Number of Rules: 162 * Skipped: 0 (age), 5 (quality), 0 (score), 0 (importance) @@ -197324,8 +197371,8 @@ rule TRELLIX_ARC_Ransomware_Coronavirus : RANSOMWARE FILE condition: uint16( 0 ) == 0x5a4d and filesize < 100KB and all of them } -import "pe" import "hash" +import "pe" rule TRELLIX_ARC_Ransom_Egregor : RANSOMWARE FILE { 
@@ -197612,7 +197659,7 @@ rule TRELLIX_ARC_Badrabbit_Ransomware : RANSOMWARE FILE
 description = "Rule to detect Bad Rabbit Ransomware"
 author = "Marc Rivero | McAfee ATR Team"
 id = "d6e78c14-0913-5eed-be15-a6d1a8cd1a8d"
- date = "2025-01-01"
+ date = "2025-02-01"
 modified = "2020-08-14"
 reference = "https://securelist.com/bad-rabbit-ransomware/82851/"
 source_url = "https://github.com/advanced-threat-research/Yara-Rules//blob/fc51a3fe3b450838614a5a5aa327c6bd8689cbb2/ransomware/RANSOM_BadRabbit.yar#L49-L101"
@@ -197699,7 +197746,7 @@ rule TRELLIX_ARC_Ransom_Black_Kingdom : RANSOMWARE FILE
 description = "Rule to detect Black Kingdom ransomware that is spread using the latest Exchange vulns"
 author = "McAfee ATR"
 id = "c38e6dbf-7fb9-52f0-acd0-f824647b6041"
- date = "2025-01-01"
+ date = "2025-02-01"
 modified = "2021-04-06"
 reference = "https://github.com/advanced-threat-research/Yara-Rules/"
 source_url = "https://github.com/advanced-threat-research/Yara-Rules//blob/fc51a3fe3b450838614a5a5aa327c6bd8689cbb2/ransomware/ransom_BlackKingDom.yar#L3-L49"
@@ -197862,7 +197909,7 @@ rule TRELLIX_ARC_Cryptonar_Ransomware : RANSOMWARE FILE
 description = "Rule to detect CryptoNar Ransomware"
 author = "Marc Rivero | McAfee ATR Team"
 id = "0911250f-fc1f-58bc-ac09-d77d2a2ed3ce"
- date = "2025-01-01"
+ date = "2025-02-01"
 modified = "2020-08-14"
 reference = "https://www.bleepingcomputer.com/news/security/cryptonar-ransomware-discovered-and-quickly-decrypted/"
 source_url = "https://github.com/advanced-threat-research/Yara-Rules//blob/fc51a3fe3b450838614a5a5aa327c6bd8689cbb2/ransomware/RANSOM_CryptoNar.yar#L1-L36"
@@ -198969,7 +199016,7 @@ rule TRELLIX_ARC_Megacortex_Signed : RANSOMWARE FILE
 description = "Rule to detect MegaCortex samples digitally signed"
 author = "Marc Rivero | McAfee ATR Team"
 id = "78a74e30-4de0-5e63-8ca5-31251c296f98"
- date = "2025-01-01"
+ date = "2025-02-01"
 modified = "2020-08-14"
 reference = "https://blog.malwarebytes.com/detections/ransom-megacortex/"
 source_url = "https://github.com/advanced-threat-research/Yara-Rules//blob/fc51a3fe3b450838614a5a5aa327c6bd8689cbb2/ransomware/RANSOM_MegaCortex.yar#L3-L26"
@@ -199518,7 +199565,7 @@ rule TRELLIX_ARC_Sodinokobi : RANSOMWARE
 description = "This rule detect Sodinokobi Ransomware in memory in old samples and perhaps future."
 author = "McAfee ATR team"
 id = "dd05ce31-9699-50a9-944c-5883340791af"
- date = "2025-01-01"
+ date = "2025-02-01"
 modified = "2020-08-14"
 reference = "https://github.com/advanced-threat-research/Yara-Rules/"
 source_url = "https://github.com/advanced-threat-research/Yara-Rules//blob/fc51a3fe3b450838614a5a5aa327c6bd8689cbb2/ransomware/RANSOM_Sodinokibi.yar#L33-L54"
@@ -200184,7 +200231,7 @@ rule TRELLIX_ARC_Shifu : FINANCIAL
 description = "No description has been set in the source file - Trellix ARC"
 author = "McAfee Labs"
 id = "81e9ad25-1df0-5196-be8b-1d1d5d8e4387"
- date = "2025-01-01"
+ date = "2025-02-01"
 modified = "2020-08-14"
 reference = "https://blogs.mcafee.com/mcafee-labs/japanese-banking-trojan-shifu-combines-malware-tools/"
 source_url = "https://github.com/advanced-threat-research/Yara-Rules//blob/fc51a3fe3b450838614a5a5aa327c6bd8689cbb2/malware/MALW_Shifu.yar#L1-L24"
@@ -200277,7 +200324,7 @@ rule TRELLIX_ARC_Nionspy : FILEINFECTOR FILE
 description = "Triggers on old and new variants of W32/NionSpy file infector"
 author = "Trellix ARC Team"
 id = "86051ef8-a18b-553c-b06c-490f8d6df5cf"
- date = "2025-01-01"
+ date = "2025-02-01"
 modified = "2020-08-14"
 reference = "https://blogs.mcafee.com/mcafee-labs/taking-a-close-look-at-data-stealing-nionspy-file-infector"
 source_url = "https://github.com/advanced-threat-research/Yara-Rules//blob/fc51a3fe3b450838614a5a5aa327c6bd8689cbb2/malware/MALW_NionSpy.yar#L1-L25"
@@ -200390,7 +200437,7 @@ rule TRELLIX_ARC_Rovnix_Downloader : DOWNLOADER
 description = "Rovnix downloader with sinkhole checks"
 author = "Intel Security"
 id = "d51f8f73-7a3a-5ccf-9122-86061b5399f1"
- date = "2025-01-01"
+ date = "2025-02-01"
 modified = "2020-08-14"
 reference = "https://blogs.mcafee.com/mcafee-labs/rovnix-downloader-sinkhole-time-checks/"
 source_url = "https://github.com/advanced-threat-research/Yara-Rules//blob/fc51a3fe3b450838614a5a5aa327c6bd8689cbb2/malware/MALW_Rovnix.yar#L1-L38"
@@ -200544,7 +200591,7 @@ rule TRELLIX_ARC_Msworldexploit_Builder_Doc : MALDOC FILE
 description = "Rule to detect RTF/Docs files created by MsWordExploit Builder"
 author = "Marc Rivero | McAfee ATR Team"
 id = "6c4c091b-5fce-583a-bc17-31830251892c"
- date = "2025-01-01"
+ date = "2025-02-01"
 modified = "2020-08-14"
 reference = "https://github.com/advanced-threat-research/Yara-Rules/"
 source_url = "https://github.com/advanced-threat-research/Yara-Rules//blob/fc51a3fe3b450838614a5a5aa327c6bd8689cbb2/malware/MALW_MsWordExploit_DOC.yar#L1-L24"
@@ -200834,7 +200881,7 @@ rule TRELLIX_ARC_Rietspoof_Loader : RANSOMWARE FILE
 description = "Rule to detect the Rietspoof loader"
 author = "Marc Rivero | McAfee ATR Team"
 id = "f306e381-e2ae-528e-937b-aced72356d77"
- date = "2025-01-01"
+ date = "2025-02-01"
 modified = "2020-08-14"
 reference = "https://blog.avast.com/rietspoof-malware-increases-activity"
 source_url = "https://github.com/advanced-threat-research/Yara-Rules//blob/fc51a3fe3b450838614a5a5aa327c6bd8689cbb2/malware/MALW_rietspoof_loader.yar#L1-L22"
@@ -200884,7 +200931,7 @@ rule TRELLIX_ARC_Malw_Eicar : EICAR
 description = "Rule to detect the EICAR pattern"
 author = "Marc Rivero | McAfee ATR Team"
 id = "16307b03-7fab-5d68-ad3b-0efcea952fcf"
- date = "2025-01-01"
+ date = "2025-02-01"
 modified = "2020-08-14"
 reference = "https://www.eicar.org/"
 source_url = "https://github.com/advanced-threat-research/Yara-Rules//blob/fc51a3fe3b450838614a5a5aa327c6bd8689cbb2/malware/MALW_Eicar.yar#L1-L22"
@@ -202761,7 +202808,7 @@ rule TRELLIX_ARC_Troy_Malware_Campaign_Pdb : BACKDOOR FILE
 * YARA Rule Set
 * Repository Name: Arkbird SOLG
 * Repository: https://github.com/StrangerealIntel/DailyIOC
- * Retrieval Date: 2025-01-26
+ * Retrieval Date: 2025-02-02
 * Git Commit: a873ff1298c43705e9c67286f3014f4300dd04f7
 * Number of Rules: 215
 * Skipped: 0 (age), 11 (quality), 0 (score), 0 (importance)
@@ -209883,7 +209930,7 @@ rule ARKBIRD_SOLG_TA505_Maldoc_21Nov_2 : FILE
 * YARA Rule Set
 * Repository Name: Telekom Security
 * Repository: https://github.com/telekom-security/malware_analysis/
- * Retrieval Date: 2025-01-26
+ * Retrieval Date: 2025-02-02
 * Git Commit: bf832d97e8fd292ec5e095e35bde992a6462e71c
 * Number of Rules: 12
 * Skipped: 0 (age), 5 (quality), 0 (score), 0 (importance)
@@ -210251,7 +210298,7 @@ rule TELEKOM_SECURITY_Win_Iceid_Core_202104 : FILE * YARA Rule Set * Repository Name: Volexity * Repository: https://github.com/volexity/threat-intel - * Retrieval Date: 2025-01-26 + * Retrieval Date: 2025-02-02 * Git Commit: b2dd39c31efbb1ed004fb25faaace7d5caf2f424 * Number of Rules: 94 * Skipped: 0 (age), 0 (quality), 0 (score), 0 (importance) @@ -211379,8 +211426,8 @@ rule VOLEXITY_Apt_Malware_Py_Dustpan_Pyloader : STORMBAMBOO FILE MEMORY condition: 3 of ( $s_* ) or any of ( $url_* ) or $path_1 } -import "pe" import "hash" +import "pe" rule VOLEXITY_Apt_Malware_Win_Pocostick_B : STORMBAMBOO FILE { @@ -213483,7 +213530,7 @@ rule VOLEXITY_Apt_Win_Freshfire : APT29 * YARA Rule Set * Repository Name: JPCERTCC * Repository: https://github.com/JPCERTCC/MalConfScan/ - * Retrieval Date: 2025-01-26 + * Retrieval Date: 2025-02-02 * Git Commit: 19ec0d145535a6a4cfd37c0960114f455a8c343e * Number of Rules: 30 * Skipped: 0 (age), 4 (quality), 0 (score), 0 (importance) @@ -214327,7 +214374,7 @@ rule JPCERTCC_Elf_Wellmess : FILE * YARA Rule Set * Repository Name: SecuInfra * Repository: https://github.com/SIFalcon/Detection - * Retrieval Date: 2025-01-26 + * Retrieval Date: 2025-02-02 * Git Commit: 2d7c66d7d16c7541bf2a9a83a7a6d334364a26fd * Number of Rules: 45 * Skipped: 0 (age), 11 (quality), 0 (score), 0 (importance) @@ -215356,9 +215403,9 @@ rule SECUINFRA_RANSOM_Magniber_ISO_Jan23 : FILE condition: filesize > 200KB and filesize < 800KB and all of them } -import "pe" -import "console" import "math" +import "console" +import "pe" rule SECUINFRA_RANSOM_Lockbit_Black_Packer : RANSOMWARE FILE { 
@@ -215631,7 +215678,7 @@ rule SECUINFRA_APT_Bitter_PDB_Paths : FILE
 * YARA Rule Set
 * Repository Name: RussianPanda
 * Repository: https://github.com/RussianPanda95/Yara-Rules
- * Retrieval Date: 2025-01-26
+ * Retrieval Date: 2025-02-02
 * Git Commit: e0394e68ccd3363745685db3839a7ff2ebedfec9
 * Number of Rules: 77
 * Skipped: 0 (age), 1 (quality), 0 (score), 0 (importance)
@@ -217656,7 +217703,7 @@ rule RUSSIANPANDA_Meduzastealer : FILE
 * YARA Rule Set
 * Repository Name: Check Point
 * Repository: https://github.com/mikesxrs/Open-Source-YARA-rules
- * Retrieval Date: 2025-01-26
+ * Retrieval Date: 2025-02-02
 * Git Commit: ec0056f767db98bf6d5fd63877ad51fb54d350e9
 * Number of Rules: 4
 * Skipped: 0 (age), 0 (quality), 0 (score), 0 (importance)
@@ -217870,7 +217917,7 @@ rule CHECK_POINT_Injector_ZZ_Dotrunpex_Oldnew : FILE
 * YARA Rule Set
 * Repository Name: Dragon Threat Labs
 * Repository: https://github.com/mikesxrs/Open-Source-YARA-rules
- * Retrieval Date: 2025-01-26
+ * Retrieval Date: 2025-02-02
 * Git Commit: ec0056f767db98bf6d5fd63877ad51fb54d350e9
 * Number of Rules: 7
 * Skipped: 0 (age), 0 (quality), 0 (score), 0 (importance)
@@ -218061,7 +218108,7 @@ rule DRAGON_THREAT_LABS_Apt_Win_Mocelpa
 * YARA Rule Set
 * Repository Name: Microsoft
 * Repository: https://github.com/mikesxrs/Open-Source-YARA-rules
- * Retrieval Date: 2025-01-26
+ * Retrieval Date: 2025-02-02
 * Git Commit: ec0056f767db98bf6d5fd63877ad51fb54d350e9
 * Number of Rules: 21
 * Skipped: 0 (age), 0 (quality), 0 (score), 0 (importance)
@@ -218665,7 +218712,7 @@ rule MICROSOFT_Devilstongue_Hijackdll : FILE
 * YARA Rule Set
 * Repository Name: NCSC
 * Repository: https://github.com/mikesxrs/Open-Source-YARA-rules
- * Retrieval Date: 2025-01-26
+ * Retrieval Date: 2025-02-02
 * Git Commit: ec0056f767db98bf6d5fd63877ad51fb54d350e9
 * Number of Rules: 17
 * Skipped: 0 (age), 0 (quality), 0 (score), 0 (importance)
@@ -219136,7 +219183,7 @@ rule NCSC_Sparrowdoor_Apipatch * YARA Rule Set * Repository Name: Dr4k0nia * Repository: https://github.com/dr4k0nia/yara-rules - * Retrieval Date: 2025-01-26 + * Retrieval Date: 2025-02-02 * Git Commit: 4b10f9b79a4cfb3ec9cb5675f32cc7ee6885fbd8 * Number of Rules: 5 * Skipped: 0 (age), 0 (quality), 0 (score), 0 (importance) @@ -219317,7 +219364,7 @@ rule DR4K0NIA_MAL_MSIL_NET_Typhonlogger_Jul23 : FILE * YARA Rule Set * Repository Name: EmbeeResearch * Repository: https://github.com/embee-research/Yara-detection-rules/ - * Retrieval Date: 2025-01-26 + * Retrieval Date: 2025-02-02 * Git Commit: ac56d6f6fd2a30c8cb6e5c0455d6519210a8b0f4 * Number of Rules: 39 * Skipped: 0 (age), 8 (quality), 0 (score), 0 (importance) @@ -219942,8 +219989,8 @@ rule EMBEERESEARCH_Win_Medusa_Bytecodes condition: $s1 or $s2 } -import "pe" import "math" +import "pe" rule EMBEERESEARCH_Win_Pikabot_Resource_Entropy_Oct_2023 { @@ -220410,7 +220457,7 @@ rule EMBEERESEARCH_Win_Havoc_Djb2_Hashing_Routine_Oct_2022 : FILE * YARA Rule Set * Repository Name: AvastTI * Repository: https://github.com/avast/ioc - * Retrieval Date: 2025-01-26 + * Retrieval Date: 2025-02-02 * Git Commit: c696ec4bc17b1d41d5585d40ccf476f445b4a3de * Number of Rules: 33 * Skipped: 0 (age), 0 (quality), 0 (score), 0 (importance) @@ -221273,7 +221320,7 @@ rule AVASTTI_Manjusaka_Payload_Mz * YARA Rule Set * Repository Name: SBousseaden * Repository: https://github.com/sbousseaden/YaraHunts/ - * Retrieval Date: 2025-01-26 + * Retrieval Date: 2025-02-02 * Git Commit: 71b27a2a7c57c2aa1877a11d8933167794e2b4fb * Number of Rules: 36 * Skipped: 0 (age), 4 (quality), 0 (score), 0 (importance) 
@@ -222350,7 +222397,7 @@ rule SBOUSSEADEN_Susp_Winsvc_Upx : FILE
 * YARA Rule Set
 * Repository Name: Elceef
 * Repository: https://github.com/elceef/yara-rulz
- * Retrieval Date: 2025-01-26
+ * Retrieval Date: 2025-02-02
 * Git Commit: 05834717d1464d5efce8ad9d688ff7b53886a0bb
 * Number of Rules: 17
 * Skipped: 0 (age), 1 (quality), 0 (score), 0 (importance)
@@ -222850,7 +222897,7 @@ rule ELCEEF_OLE2_Autoopen_Reversed_Payload : FILE
 * YARA Rule Set
 * Repository Name: GodModeRules
 * Repository: https://github.com/Neo23x0/god-mode-rules/
- * Retrieval Date: 2025-01-26
+ * Retrieval Date: 2025-02-02
 * Git Commit: 436dc682164cf17a123d6b09d1424e7e2acf0c25
 * Number of Rules: 1
 * Skipped: 0 (age), 0 (quality), 0 (score), 0 (importance)
@@ -223121,7 +223168,7 @@ rule GODMODERULES_IDDQD_God_Mode_Rule
 * YARA Rule Set
 * Repository Name: Cod3nym
 * Repository: https://github.com/cod3nym/detection-rules/
- * Retrieval Date: 2025-01-26
+ * Retrieval Date: 2025-02-02
 * Git Commit: ad485bff0ce30afb56e367b7f2b76fea81e78fc9
 * Number of Rules: 13
 * Skipped: 0 (age), 1 (quality), 0 (score), 0 (importance)
@@ -223580,7 +223627,7 @@ rule COD3NYM_MAL_NET_Limecrypter_Runpe_Jan24 : FILE
 * YARA Rule Set
 * Repository Name: craiu
 * Repository: https://github.com/craiu/yararules
- * Retrieval Date: 2025-01-26
+ * Retrieval Date: 2025-02-02
 * Git Commit: 23cf0ca22021fa3684e180a18416b9ae1b695243
 * Number of Rules: 13
 * Skipped: 0 (age), 0 (quality), 0 (score), 0 (importance)
@@ -224745,7 +224792,7 @@ rule CRAIU_Susp_Ios_Shutdown
 * YARA Rule Set
 * Repository Name: DitekSHen
 * Repository: https://github.com/ditekshen/detection
- * Retrieval Date: 2025-01-26
+ * Retrieval Date: 2025-02-02
 * Git Commit: e76c93dcdedff04076380ffc60ea54e45b313635
 * Number of Rules: 1443
 * Skipped: 0 (age), 112 (quality), 0 (score), 0 (importance)
@@ -265189,7 +265236,7 @@ rule DITEKSHEN_INDICATOR_RTF_Remotetemplate : CVE_2017_11882 FILE
 * YARA Rule Set
 * Repository Name: WithSecureLabs
 * Repository: https://github.com/WithSecureLabs/iocs
- * Retrieval Date: 2025-01-26
+ * Retrieval Date: 2025-02-02
 * Git Commit: 29adc4b6c2c2850f0f385aec77ab6fc0d7a8f20c
 * Number of Rules: 5
 * Skipped: 0 (age), 0 (quality), 0 (score), 0 (importance)
@@ -265444,7 +265491,7 @@ rule WITHSECURELABS_Ducktail_Artifacts : FILE
 * YARA Rule Set
 * Repository Name: HarfangLab
 * Repository: https://github.com/HarfangLab/iocs
- * Retrieval Date: 2025-01-26
+ * Retrieval Date: 2025-02-02
 * Git Commit: 8dd8e9296b110ce3fb13bc557a0295dff8c4c357
 * Number of Rules: 18
 * Skipped: 0 (age), 1 (quality), 0 (score), 0 (importance)
@@ -266137,8 +266184,8 @@ rule HARFANGLAB_Custom_Ateraagent_Operator : FILE
 * YARA Rule Set
 * Repository Name: LOLDrivers
 * Repository: https://github.com/magicsword-io/LOLDrivers/
- * Retrieval Date: 2025-01-26
- * Git Commit: e00ea6e5c7fc6c2941e9819d98b719e769ec98b8
+ * Retrieval Date: 2025-02-02
+ * Git Commit: ea9d25b98a805e28980388282fa9e489e30b8d74
 * Number of Rules: 529
 * Skipped: 0 (age), 0 (quality), 0 (score), 0 (importance)
 *
@@ -266357,8 +266404,8 @@ rule LOLDRIVERS_MAL_Driver_Microsoftcorporation_Windbgsys_Microsoftwindowsoperat
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_mal_drivers.yar#L2-L37"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_mal_drivers.yar#L2-L37"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "6994b32e3f3357f4a1d0abe81e8b62dd54e36b17816f2f1a80018584200a1b77"
 hash = "5b932eab6c67f62f097a3249477ac46d80ddccdc52654f8674060b4ddf638e5d"
 hash = "ea50f22daade04d3ca06dedb497b905215cba31aae7b4cab4b533fda0c5be620"
@@ -266403,8 +266450,8 @@ rule LOLDRIVERS_MAL_Driver_Gentilkiwibenjamindelpy_Mimidrv_Mimidrvmimikatz_AAF0
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_mal_drivers.yar#L40-L98"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_mal_drivers.yar#L40-L98"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "aaf04d89fd15bc61265e545f8e1da80e20f59f90058ed343c62ee24358e3af9e"
 hash = "4b97d63ebdeda6941bb8cef5e94741c6cca75237ca830561f2262034805f0919"
 hash = "c42c1e5c3c04163bf61c3b86b04a5ec7d302af7e254990cef359ac80474299da"
@@ -266472,8 +266519,8 @@ rule LOLDRIVERS_MAL_Driver_Gentilkiwibenjamindelpy_Mimidrv_Mimidrvmimikatz_DDF4
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_mal_drivers.yar#L101-L134"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_mal_drivers.yar#L101-L134"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "ddf427ce55b36db522f638ba38e34cd7b96a04cb3c47849b91e7554bfd09a69a"
 hash = "bcb774b6f6ff504d2db58096601bc5cb419c169bfbeaa3af852417e87d9b2aa0"
 hash = "af4f42197f5ce2d11993434725c81ecb6f54025110dedf56be8ffc0e775d9895"
@@ -266516,8 +266563,8 @@ rule LOLDRIVERS_MAL_Driver_Gentilkiwibenjamindelpy_Mimidrv_Mimidrvmimikatz_0F58
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_mal_drivers.yar#L137-L169"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_mal_drivers.yar#L137-L169"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "0f58e09651d48d2b1bcec7b9f7bb85a2d1a7b65f7a51db281fe0c4f058a48597"
 hash = "087270d57f1626f29ba9c25750ca19838a869b73a1f71af50bdf37d6ff776212"
 hash = "0d676baac43d9e2d05b577d5e0c516fba250391ab0cb11232a4b17fd97a51e35"
@@ -266559,8 +266606,8 @@ rule LOLDRIVERS_MAL_Driver_Gentilkiwibenjamindelpy_Mimidrv_Mimidrvmimikatz_7662
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_mal_drivers.yar#L172-L213"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_mal_drivers.yar#L172-L213"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "7662187c236003308a7951c2f49c0768636c492f8935292d02f69e59b01d236d"
 hash = "a85d3fd59bb492a290552e5124bfe3f9e26a3086d69d42ccc44737b5a66673ec"
 hash = "60ee78a2b070c830fabb54c6bde0d095dff8fad7f72aa719758b3c41c72c2aa9"
@@ -266611,8 +266658,8 @@ rule LOLDRIVERS_MAL_Driver_Gentilkiwibenjamindelpy_Mimidrv_Mimidrvmimikatz_14B8
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_mal_drivers.yar#L216-L265"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_mal_drivers.yar#L216-L265"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "14b89298134696f2fd1b1df0961d36fa6354721ea92498a349dc421e79447925"
 hash = "36c65aeb255c06898ffe32e301030e0b74c8bca6fe7be593584b8fdaacd4e475"
 hash = "673bbc7fa4154f7d99af333014e888599c27ead02710f7bc7199184b30b38653"
@@ -266671,8 +266718,8 @@ rule LOLDRIVERS_MAL_Driver_Gentilkiwibenjamindelpy_Mimidrv_Mimidrvmimikatz_41AD
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_mal_drivers.yar#L268-L302"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_mal_drivers.yar#L268-L302"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "41ad660820c41fc8b1860b13dc1fea8bc8cb2faceb36ed3e29d40d28079d2b1f"
 hash = "a7a665a695ec3c0f862a0d762ad55aff6ce6014359647e7c7f7e3c4dc3be81b7"
 hash = "9a42fa1870472c38a56c0a70f62e57a3cdc0f5bc142f3a400d897b85d65800ac"
@@ -266716,8 +266763,8 @@ rule LOLDRIVERS_MAL_Driver_Sensecorp_42B2
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_mal_drivers.yar#L305-L321"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_mal_drivers.yar#L305-L321"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "42b22faa489b5de936db33f12184f6233198bdf851a18264d31210207827ba25"
 logic_hash = "72e213913bf4317fa0751775e6a1a82ba2706e79c52fcd3e2c8ca69050e3a9d7"
 score = 70
@@ -266743,8 +266790,8 @@ rule LOLDRIVERS_MAL_Driver_Legalcorp_Pciexpressvideocapture_FD22
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_mal_drivers.yar#L324-L342"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_mal_drivers.yar#L324-L342"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "fd223833abffa9cd6cc1848d77599673643585925a7ee51259d67c44d361cce8"
 logic_hash = "4c47a159595f420c520e6924238bd260f49ccf163208713c72c62638b13756d9"
 score = 70
@@ -266772,8 +266819,8 @@ rule LOLDRIVERS_MAL_Driver_Gmer_Gmersys_Gmer_0052
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_mal_drivers.yar#L345-L365"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_mal_drivers.yar#L345-L365"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "0052aa88e42055a2eed5ddd17c3499c692360155e5e031a211edfcef577acce3"
 hash = "18c909a2b8c5e16821d6ef908f56881aa0ecceeaccb5fa1e54995935fcfd12f7"
 logic_hash = "1644a972cb9bde33e5e8ec078b0ee67b34b6a298504895f364260b96a453a3ba"
@@ -266803,8 +266850,8 @@ rule LOLDRIVERS_MAL_Driver_Mimidrv_Mimidrvmimikatz_2FAF
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_mal_drivers.yar#L368-L384"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_mal_drivers.yar#L368-L384"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "2faf95a3405578d0e613c8d88d534aa7233da0a6217ce8475890140ab8fb33c8"
 logic_hash = "e7b3f0a8f5a91896f7d487a39c622b12fc7488f9f80c80b6b551e7e5f6a67f18"
 score = 70
@@ -266830,8 +266877,8 @@ rule LOLDRIVERS_MAL_Driver_Gentilkiwibenjamindelpy_Mimidrv_Mimidrvmimikatz_2FD4
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_mal_drivers.yar#L387-L408"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_mal_drivers.yar#L387-L408"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "2fd43a749b5040ebfafd7cdbd088e27ef44341d121f313515ebde460bf3aaa21"
 hash = "7824931e55249a501074a258b4f65cd66157ee35672ba17d1c0209f5b0384a28"
 hash = "28f5aa194a384680a08c0467e94a8fc40f8b0f3f2ac5deb42e0f51a80d27b553"
@@ -266862,8 +266909,8 @@ rule LOLDRIVERS_MAL_Driver_Microsoftcorporation_Ntbiosys_Microsoftrwindowsrntope
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_mal_drivers.yar#L411-L431"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_mal_drivers.yar#L411-L431"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "c0d88db11d0f529754d290ed5f4c34b4dba8c4f2e5c4148866daabeab0d25f9c"
 hash = "96bf3ee7c6673b69c6aa173bb44e21fa636b1c2c73f4356a7599c121284a51cc"
 logic_hash = "74ad0b57644d82a77bc902786250156f5e3700671bdf9765055b5908dc345a67"
@@ -266893,8 +266940,8 @@ rule LOLDRIVERS_MAL_Driver_Microsoftcorporation_Wintapixsys_Microsoftwindowsoper
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_mal_drivers.yar#L434-L454"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_mal_drivers.yar#L434-L454"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "8578bff36e3b02cc71495b647db88c67c3c5ca710b5a2bd539148550595d0330"
 hash = "1485c0ed3e875cbdfc6786a5bd26d18ea9d31727deb8df290a1c00c780419a4e"
 logic_hash = "dd85f0dc471425fe692e5a51580a97facdaea45505c48b5e01dd6dbc975f2ffe"
@@ -266924,8 +266971,8 @@ rule LOLDRIVERS_MAL_Driver_Microsoftcorporation_Wantdsys_Microsoftwindowsoperati date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_mal_drivers.yar#L457-L479" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_mal_drivers.yar#L457-L479" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "e7af7bcb86bd6bab1835f610671c3921441965a839673ac34444cf0ce7b2164e" hash = "b9dad0131c51e2645e761b74a71ebad2bf175645fa9f42a4ab0e6921b83306e3" hash = "8d9a2363b757d3f127b9c6ed8f7b8b018e652369bc070aa3500b3a978feaa6ce" @@ -266957,8 +267004,8 @@ rule LOLDRIVERS_MAL_Driver_Gentilkiwibenjamindelpy_Mimidrv_Mimidrvmimikatz_30E0 date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_mal_drivers.yar#L482-L502" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_mal_drivers.yar#L482-L502" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "30e083cd7616b1b969a92fd18cf03097735596cce7fcf3254b2ca344e526acc2" hash = "a906251667a103a484a6888dca3e9c8c81f513b8f037b98dfc11440802b0d640" logic_hash = "e2c964f7e30da210778e8a2e5bb96d53485a0736cf3ff28bccbefacb6b46765a" 
@@ -266988,8 +267035,8 @@ rule LOLDRIVERS_MAL_Driver_Microsoftcorporation_Wantdsys_Microsoftwindowsoperati date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_mal_drivers.yar#L505-L524" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_mal_drivers.yar#L505-L524" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "6908ebf52eb19c6719a0b508d1e2128f198d10441551cbfb9f4031d382f5229f" logic_hash = "9cde0a399b852038979993375be2a6d0f9f9f760381e94df0190256e8810949f" score = 70 @@ -267018,8 +267065,8 @@ rule LOLDRIVERS_MAL_Driver_Microsoftcorporation_Srvnetsys_Microsoftwindowsoperat date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_mal_drivers.yar#L527-L546" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_mal_drivers.yar#L527-L546" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "f6c316e2385f2694d47e936b0ac4bc9b55e279d530dd5e805f0d963cb47c3c0d" logic_hash = "ab1aea5cec71668c0e35ea149b9e537c8468738c3b3e70382ebedf51bb8729d0" score = 70 
@@ -267048,8 +267095,8 @@ rule LOLDRIVERS_MAL_Driver_Microsoftcorporation_Wantdsys_Microsoftwindowsoperati date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_mal_drivers.yar#L549-L568" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_mal_drivers.yar#L549-L568" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "81c7bb39100d358f8286da5e9aa838606c98dfcc263e9a82ed91cd438cb130d1" logic_hash = "ec9e321bbc89bffb6243e3edde45e60dc06513e88dfb9a262768ef081db60c5b" score = 70 @@ -267078,8 +267125,8 @@ rule LOLDRIVERS_MAL_Driver_773B date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_mal_drivers.yar#L571-L585" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_mal_drivers.yar#L571-L585" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "773b4a1efb9932dd5116c93d06681990759343dfe13c0858d09245bc610d5894" logic_hash = "5e01850384ac0dc0e9f33e3e217e0e824cfe3c2bb46feff94dffa070f2f7c9a0" score = 70 
@@ -267103,8 +267150,8 @@ rule LOLDRIVERS_MAL_Driver_Sensecorp_7F45 date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_mal_drivers.yar#L588-L604" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_mal_drivers.yar#L588-L604" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "7f4555a940ce1156c9bcea9a2a0b801f9a5e44ec9400b61b14a7b1a6404ffdf6" logic_hash = "dbef723d7e44da110675402fc13708c5b077eeb6a66c1772885f5879d795ec4e" score = 70 @@ -267130,8 +267177,8 @@ rule LOLDRIVERS_MAL_Driver_Microsoftcorporation_Ndislansys_Microsoftwindowsopera date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_mal_drivers.yar#L607-L626" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_mal_drivers.yar#L607-L626" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "b0eb4d999e4e0e7c2e33ff081e847c87b49940eb24a9e0794c6aa9516832c427" logic_hash = "4b92b69636dea19a23172def47e9a1bbd4507075ec118b48db30fec377b8fbff" score = 70 
@@ -267160,8 +267207,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Cpuid_Cpuzsys_Cpuidservice_34BE : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2-L29" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2-L29" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "34bee22c18ddbddbe115cf1ab55cabf0e482aba1eb2c343153577fb24b7226d3" hash = "5177a3b7393fb5855b2ec0a45d4c91660b958ee077e76e5a7d0669f2e04bcf02" hash = "368a9c2b6f12adbe2ba65181fb96f8b0d2241e4eae9f3ce3e20e50c3a3cc9aa1" @@ -267198,8 +267245,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Cpuid_Cpuzsys_Cpuidservice_0E85 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L32-L60" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L32-L60" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "0e8595217f4457757bed0e3cdea25ea70429732b173bba999f02dc85c7e06d02" hash = "73c03b01d5d1eb03ec5cb5a443714b12fa095cc4b09ddc34671a92117ae4bb3a" hash = "b0f6cd34717d0cea5ab394b39a9de3a479ca472a071540a595117219d9a61a44" 
@@ -267237,8 +267284,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Wisecleanercom_Wiseunlosys_Wiseunlo_786F : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L63-L86" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L63-L86" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "786f0ba14567a7e19192645ad4e40bee6df259abf2fbdfda35b6a38f8493d6cc" hash = "87aae726bf7104aac8c8f566ea98f2b51a2bfb6097b6fc8aa1f70adeb4681e1b" hash = "daf549a7080d384ba99d1b5bd2383dbb1aa640f7ea3a216df1f08981508155f5" @@ -267271,8 +267318,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Cpuid_Cpuzsys_Cpuidservice_A397 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L89-L122" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L89-L122" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "a3975db1127c331ba541fffff0c607a15c45b47aa078e756b402422ef7e81c2c" hash = "6befa481e8cca8084d9ec3a1925782cd3c28ef7a3e4384e034d48deaabb96b63" hash = "f7e0cca8ad9ea1e34fa1a5e0533a746b2fa0988ba56b01542bc43841e463b686" 
@@ -267315,8 +267362,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Zemanaltd_Zam_D7E0 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L125-L142" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L125-L142" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "d7e091e0d478c34232e8479b950c5513077b3a69309885cee4c61063e5f74ac0" logic_hash = "229c98a4e55486cde122edd3a846c6cec6b242ee9e0269bf25e92d1e00e63d67" score = 40 @@ -267343,8 +267390,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Cpuid_Cpuzsys_Cpuidservice_2298 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L145-L170" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L145-L170" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "2298e838e3c015aedfb83ab18194a2503fe5764a862c294c8b39c550aab2f08e" hash = "2a6db9facf9e13d35c37dd468be04bae5f70c6127a9aee76daebddbdec95d486" hash = "69640e9209f8e2ac25416bd3119b5308894b6ce22b5c80cb5d5f98f2f85d42ce" 
@@ -267379,8 +267426,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Asrockincorporation_Asrdrvsys_Asrockiodriver_4D0 date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L173-L202" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L173-L202" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "4d03a01257e156a3a018230059052791c3cde556e5cec7a4dd2f55f65c06e146" hash = "3943a796cc7c5352aa57ccf544295bfd6fb69aae147bc8235a00202dc6ed6838" hash = "950a4c0c772021cee26011a92194f0e58d61588f77f2873aa0599dff52a160c9" @@ -267419,8 +267466,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Getactechnologycorporation_Mtcbsvsys_Getacsystem date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L205-L224" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L205-L224" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "0abca92512fc98fe6c2e7d0a33935686fc3acbd0a4c68b51f4a70ece828c0664" logic_hash = "5c46f095f8329b4dab225ff3b15eb102ecfa9f25f0f86f1d18ea3a6690e267b8" score = 40 
@@ -267449,8 +267496,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Razerinc_Rzpnk_Rzpnk_D7B7 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L227-L249" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L227-L249" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "d7b743c3f98662c955c616e0d1bb0800c9602e5b6f2385336a72623037bfd6dd" hash = "567809308cfb72d59b89364a6475f34a912d03889aa50866803ac3d0bf2c3270" hash = "93d873cdf23d5edc622b74f9544cac7fe247d7a68e1e2a7bf2879fad97a3ae63" @@ -267482,8 +267529,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrwinddkprovider_Netfiltersys_Windowsrwind date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L252-L277" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L252-L277" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "9dbc2a37f53507296cc912e7d354dab4e55541ba821561aa84f74d1bd8346be2" hash = "65a3e69854c729659281d2c5f8a4c8274ad3606befdcd9e1b79d3262f260bfa1" hash = "71701c5c569ef67391c995a12b21ca06935b7799ed211d978f7877115c58dce0" 
@@ -267518,8 +267565,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrwinddkprovider_Lgdatacatchersys_Gameacc_ date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L280-L301" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L280-L301" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "07fb2bb6c852f6a6fe982b2232f047e167be39738bac26806ffe0927ba873756" hash = "516159871730b18c2bddedb1a9da110577112d4835606ee79bb80e7a58784a13" hash = "45b07a2f387e047a6bb0e59b7f22fb56182d57b50e84e386a38c2dbb7e773837" @@ -267550,8 +267597,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Innotekgmbh_Vboxguest_Virtualboxguestadditions_D date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L304-L323" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L304-L323" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "d53f9111a5e6c94b37e3f39c5860897405cb250dd11aa91c3814a98b1759c055" logic_hash = "06994b6e75aefad03b1346e1bcaf68dca8464526bf182557257c4f5635bb93ce" score = 40 
@@ -267580,8 +267627,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Eldoscorporation_Elrawdsksys_Rawdisk_4744 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L326-L346" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L326-L346" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "4744df6ac02ff0a3f9ad0bf47b15854bbebb73c936dd02f7c79293a2828406f6" hash = "5a826b4fa10891cf63aae832fc645ce680a483b915c608ca26cedbb173b1b80a" logic_hash = "01faeb5fe7618ce1135a8532c76357cfea1dfb0932e3d7c4cf9ff7d1c8c1d8fb" @@ -267611,8 +267658,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Gigabytetechnologycoltd_Gdrvsys_Gigabytesoftware date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L349-L368" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L349-L368" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "81aafae4c4158d0b9a6431aff0410745a0f6a43fb20a9ab316ffeb8c2e2ccac0" logic_hash = "8be18437fb165bab491d1d63b01d744f14df8594288bf0d447b76913de934aa9" score = 40 
@@ -267641,8 +267688,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Advancedmicrodevices_Amdryzenmasterdriversys_Amd date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L371-L390" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L371-L390" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "f6cd7353cb6e86e98d387473ed6340f9b44241867508e209e944f548b9db1d5f" logic_hash = "1f489ec71f92390aeb4137ba72cb88a950ed91f8e67bb82cf176a8c2fb4ef50f" score = 40 @@ -267671,8 +267718,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avgtechnologiesczsro_Aswarpotsys_Avginternetsecu date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L393-L412" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L393-L412" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "2594b3ef3675ca3a7b465b8ed4962e3251364bab13b12af00ebba7fa2211abb2" logic_hash = "ef0e7b48aaee9dc6251120a879a192993d86043dbfd11e2be1f6e675aaa4d2e4" score = 40 
@@ -267701,8 +267748,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Novellinc_Novellxtier_8473 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L415-L437" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L415-L437" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "84739539aa6a9c9cb3c48c53f9399742883f17f24e081ebfa7bfaaf59f3ed451" hash = "6c7120e40fc850e4715058b233f5ad4527d1084a909114fd6a36b7b7573c4a44" hash = "e279e425d906ba77784fb5b2738913f5065a567d03abe4fd5571695d418c1c0f" @@ -267734,8 +267781,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Highresolutionenterpriseswwwhighrezcouk_Inpoutsy date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L440-L463" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L440-L463" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "cfab93885e5129a86d13fd380d010cc8c204429973b776ab1b472d84a767930f" hash = "945ee05244316ff2f877718cf0625d4eb34e6ec472f403f958f2a700f9092507" hash = "7db320e49139f636c8b6d12b6c78b666a62599e9d59587ba87c6b89b0a34b18d" 
@@ -267768,8 +267815,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Novellinc_Novellxtier_4CD8 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L466-L486" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L466-L486" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "4cd80f4e33b713570f6a16b9f77679efa45a466737e41db45b41924e7d7caef4" hash = "00c02901472d74e8276743c847b8148be3799b0e3037c1dfdca21fa81ad4b922" hash = "66a20fc2658c70facd420f5437a73fa07a5175998e569255cfb16c2f14c5e796" @@ -267799,8 +267846,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Innotekgmbh_Vboxguest_Virtualboxguestadditions_9 date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L489-L508" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L489-L508" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "983310cdce8397c016bfcfcc9c3a8abbb5c928b235bc3c3ae3a3cc10ef24dfbd" logic_hash = "8d2323bd83c70339f41fc8f90c67729f57ee1e54dc4f7d05dfded438c7bc419a" score = 40 
@@ -267829,8 +267876,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Rweverything_Rwdrvsys_Rwdrvdriver_45BA : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L511-L537" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L511-L537" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "45ba688a4bded8a7e78a4f5b0dc21004e951ddceb014bb92f51a3301d2fbc56a" hash = "bdcacb9f373b017d0905845292bca2089feb0900ce80e78df1bcaae8328ce042" hash = "3279593db91bb7ad5b489a01808c645eafafda6cc9c39f50d10ccc30203f2ddf" 
@@ -267866,8 +267913,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrwinddkprovider_Vmdrvsys_Windowsrwinddkdr date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L540-L561" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L540-L561" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "5c0b429e5935814457934fa9c10ac7a88e19068fa1bd152879e4e9b89c103921" hash = "32cccc4f249499061c0afa18f534c825d01034a1f6815f5506bf4c4ff55d1351" hash = "d884ca8cc4ef1826ca3ab03eb3c2d8f356ba25f2d20db0a7d9fc251c565be7f3" 
@@ -267898,8 +267945,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Advancedmicrodevices_Amdryzenmasterdriversys_Amd date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L564-L584" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L564-L584" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "a13054f349b7baa8c8a3fcbd31789807a493cc52224bbff5e412eb2bd52a6433" hash = "7e81beae78e1ddbf6c150e15667e1f18783f9b0ab7fbe52c7ab63e754135948d" logic_hash = "46c2abfe24d092b974e0916f7ccf53b71c12f3d438dff3e0ef9ffd1c253b0144" @@ -267929,8 +267976,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Realixtm_Hwinfoisys_Hwinfoiakerneldriver_33C6 : date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L587-L606" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L587-L606" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "33c6c622464f80a8d8017a03ff3aa196840da8bb03bfb5212b51612b5cf953dc" logic_hash = "b9ec2a1a569f6972c9713a8e1512b0de974b4536bc92bd5466ee808d7574fada" score = 40 
@@ -267959,8 +268006,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Advancedmicrodevicesinc_Pdfwkrnlsys_Usbcpowerdel date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L609-L628" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L609-L628" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "6945077a6846af3e4e2f6a2f533702f57e993c5b156b6965a552d6a5d63b7402" logic_hash = "06b458c2f8c6eb5dadf2a05c69225fdc4cbd6bd48e4380fa224573139de6a466" score = 40 @@ -267989,8 +268036,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Fintekcorp_Fintekcorpfintekpcieuart_32BD : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L631-L651" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L631-L651" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "32bd0edb9daa60175b1dc054f30e28e8dbfa293a32e6c86bfd06bc046eaa2f9e" hash = "17942865680bd3d6e6633c90cc4bd692ae0951a8589dbe103c1e293b3067344d" hash = "b1920889466cd5054e3ab6433a618e76c6671c3e806af8b3084c77c0e7648cbe" 
@@ -268020,8 +268067,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Ngiodriversys_Avastng_42B3 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L654-L674" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L654-L674" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "42b31b850894bf917372ff50fbe1aff3990331e8bd03840d75e29dcc1026c180" hash = "c0c52425dd90f36d110952c665e5b644bb1092f952942c07bb4da998c9ce6e5b" logic_hash = "d9437369dd7a913176a1351f991216f3190b608f3a3182e891bdb7778835b815" @@ -268051,8 +268098,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avgtechnologiesczsro_Aswarpot_Avginternetsecurit date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L677-L696" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L677-L696" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "5bd41a29cbba0d24e639f49d1f201b9bd119b11f5e3b8a5fefa3a5c6f1e7692c" logic_hash = "69948e6d3cc375d78ba95a51c7a78e5a3f17e0ca07cf1e3e53d54f350d9ac0a9" score = 40 
@@ -268081,8 +268128,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Innotekgmbh_Vboxusbsys_Virtualboxusbdriver_C509 date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L699-L718" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L699-L718" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "c509935f3812ad9b363754216561e0a529fc2d5b8e86bfa7302b8d149b7d04aa" logic_hash = "5bf3a4f5e3f674c4f32de55abd9d1981ad0b1fd48fb460905d017096b30ae10e" score = 40 @@ -268111,8 +268158,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Netfiltersys_F171 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L721-L740" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L721-L740" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "f1718a005232d1261894b798a60c73d971416359b70d0e545d7e7a40ed742b71" logic_hash = "2879360aef7b25e7d5ea9e4cbdce9f60a33ca4181ef35e18117e69832589cc73" score = 40 
@@ -268141,8 +268188,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Novellinc_Novellxtier_DD4F : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L743-L765" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L743-L765" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "dd4fedd5662122cbfe046a12e2137294ef1cb7822238d9e24eacc78f22f8e93d" hash = "904e0f7d485a98e8497d5ec6dd6e6e1cf0b8d8e067fb64a9e09790af3c8c9d5a" hash = "1c2f1e2b0cc4da128feb73a6b9dd040df8495fefe861d69c9f44778c6ddb9b9b" @@ -268174,8 +268221,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Novellinc_Novellxtier_7627 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L768-L787" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L768-L787" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "76276c87617b836dd6f31b73d2bb0e756d4b3d133bddfe169cb4225124ca6bfb" hash = "1e9c236ed39507661ec32731033c4a9b9c97a6221def69200e03685c08e0bfa7" logic_hash = "eba1a04dc1de06122a8bad80399c4233b9c3101f4fcbc805ec7615010da76833" 
@@ -268204,8 +268251,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Nvidiacorp_Nvoclocksys_Nvidiasystemutilitydriver date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L790-L810" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L790-L810" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "16ae28284c09839900b99c0bdf6ce4ffcd7fe666cfd5cfb0d54a3ad9bea9aa9c" hash = "d54ac69c438ba77cde88c6efd6a423491996d4e8a235666644b1db954eb1da9c" logic_hash = "4c4359af17cfc03947722c644064fa2e2bacc5adcbd66499bfba4aa483ac56f6" @@ -268235,8 +268282,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Computerz_Computerzsys_Computerzsystemdriver_61F date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L813-L832" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L813-L832" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "61f3b1c026d203ce94fab514e3d15090222c0eedc2a768cc2d073ec658671874" logic_hash = "73d2e39a2e1d9810f5f0999a8f79a238a36305d36db731a3e84859e6d15bfdd8" score = 40 
@@ -268265,8 +268312,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sysinternalswwwsysinternalscom_Procexpsys_Proces date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L835-L864" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L835-L864" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "88e2e6a705d3fb71b966d9fb46dc5a4b015548daf585fb54dfcd81dc0bd3ebdc" hash = "f29073dc99cb52fa890aae80037b48a172138f112474a1aecddae21179c93478" hash = "89b9823ed974a5b71de8468324d45b7e9d6dc914f93615ba86c6209b25b3cbf7" 
@@ -268305,8 +268352,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrwinddkprovider_Cpuzsys_Windowsrwinddkdri date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L867-L897" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L867-L897" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "1f4d4db4abe26e765a33afb2501ac134d14cadeaa74ae8a0fae420e4ecf58e0c" hash = "c3e150eb7e7292f70299d3054ed429156a4c32b1f7466a706a2b99249022979e" hash = "922d23999a59ce0d84b479170fd265650bc7fae9e7d41bf550d8597f472a3832" @@ -268346,8 +268393,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Mitactechnologycorporation_Vdbsvsys_Mitacsystems date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L900-L919" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L900-L919" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "91afa3de4b70ee26a4be68587d58b154c7b32b50b504ff0dc0babc4eb56578f4" logic_hash = "e93e2620e452d0d6d834057921ed0de35309098130b47e98da7c1e87b31b86ee" score = 40 
@@ -268376,8 +268423,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Novellinc_Novellxtier_00B3 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L922-L944" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L922-L944" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "00b3ff11585c2527b9e1c140fd57cb70b18fd0b775ec87e9646603056622a1fd" hash = "3140005ce5cac03985f71c29732859c88017df9d41c3761aa7c57bbcb7ad2928" hash = "18f306b6edcfacd33b7b244eaecdd0986ef342f0d381158844d1f0ee1ac5c8d7" @@ -268409,8 +268456,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Novellinc_Novellxtier_B50F : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L947-L969" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L947-L969" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "b50ffc60eaa4fb7429fdbb67c0aba0c7085f5129564d0a113fec231c5f8ff62e" hash = "dd2f1f7012fb1f4b2fb49be57af515cb462aa9c438e5756285d914d65da3745b" hash = "b37b3c6877b70289c0f43aeb71349f7344b06063996e6347c3c18d8c5de77f3b" 
@@ -268442,8 +268489,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Openlibsysorg_Winringsys_Winring_11BD : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L972-L992" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L972-L992" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "11bd2c9f9e2397c9a16e0990e4ed2cf0679498fe0fd418a3dfdac60b5c160ee5" hash = "a7b000abbcc344444a9b00cfade7aa22ab92ce0cadec196c30eb1851ae4fa062" logic_hash = "e5777a3a1e71f287c18434a48c2990abd3e202c919378a9473541abe2b8f0ba5" @@ -268473,8 +268520,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowswinowsdriverkitsprovider_Hwrwdrvsys_Hardw date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L995-L1014" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L995-L1014" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "21ccdd306b5183c00ecfd0475b3152e7d94b921e858e59b68a03e925d1715f21" logic_hash = "da6f9de9c0529ef274b989f63d9d6308ea78a0f7f91d81caaafb5478412c33eb" score = 40 
@@ -268503,8 +268550,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Aswarpot_Avastantivirus_AD8F : FIL date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1017-L1036" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1017-L1036" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "ad8ffccfde782bc287241152cf24245a8bf21c2530d81c57e17631b3c4adb833" logic_hash = "fba0440ab68b148f26224cce5d2b8bdb684a2d185502fb3b920fe12288e6d775" score = 40 @@ -268533,8 +268580,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Msi_Ntiolibsys_Ntiolib_3124 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1039-L1058" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1039-L1058" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "3124b0411b8077605db2a9b7909d8240e0d554496600e2706e531c93c931e1b5" logic_hash = "4e22250223e272624f9608e7981ba91c1fb0e00eaf6d8388b81ad91fd8dbcc5c" score = 40 
@@ -268563,8 +268610,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrwinddkprovider_Dcprotectsys_Dcprotectrwi date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1061-L1080" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1061-L1080" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "ff55c1f308a5694eb66a3e9ba326266c826c5341c44958831a7a59a23ed5ecc8" logic_hash = "298b509c736082f651b32be6ff3ba8b2044d48e8d1ac5c411449524750794d4f" score = 40 @@ -268593,8 +268640,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Novellinc_Novellxtier_A855 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1083-L1103" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1083-L1103" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "a855b6ec385b3369c547a3c54e88a013dd028865aba0f3f08be84cdcbaa9a0f6" hash = "49ef680510e3dac6979a20629d10f06822c78f45b9a62ec209b71827a526be94" hash = "653f6a65e0e608cae217bea2f90f05d8125cf23f83ba01a60de0f5659cfa5d4d" 
@@ -268624,8 +268671,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Realtek_Rtkiosys_Realtekiodriver_DB71 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1106-L1125" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1106-L1125" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "db711ec3f4c96b60e4ed674d60c20ff7212d80e34b7aa171ad626eaa8399e8c7" logic_hash = "c62675b8ae01311a74bd0b0717219dde73badf621f2b6af1d5d6ff12317048f0" score = 40 @@ -268654,8 +268701,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Iobit_Monitorsys_Advancedsystemcare_E4A7 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1128-L1147" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1128-L1147" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "e4a7da2cf59a4a21fc42b611df1d59cae75051925a7ddf42bf216cc1a026eadb" logic_hash = "798dad45f7ac1267da440c3ca7aba1da1dbd2bdead9b6979379902e009bbd2a2" score = 40 
@@ -268684,8 +268731,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Iobit_Iobitunlockersys_Iobitunlocker_2B33 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1150-L1181" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1150-L1181" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "2b33df9aff7cb99a782b252e8eb65ca49874a112986a1c49cd9971210597a8ae" hash = "faa9aa7118ecf9bb6594281f6b582f1ced0cc62d5db09a2fbf9b7ce70c532285" hash = "507724d96a54f3e45c16a065bf38ae82a9b80d07096a461068a701cae0c1cf29" @@ -268726,8 +268773,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Phoenixtechnologiesltd_Phlashnt_Winphlash_65DB : date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1184-L1203" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1184-L1203" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "65db1b259e305a52042e07e111f4fa4af16542c8bacd33655f753ef642228890" logic_hash = "52b33a82d9835242e397f693094494508a9a1e17ab7125ad6818130f4b2dc2de" score = 40 
@@ -268756,8 +268803,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Arthurliberman_Alsysiosys_Alsysio_7196 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1206-L1225" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1206-L1225" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "7196187fb1ef8d108b380d37b2af8efdeb3ca1f6eefd37b5dc114c609147216d" logic_hash = "c69a031ad9d7eff41358cd2ae9404c25c48ca747ac5fc9b806e48be2fe59aee8" score = 40 @@ -268786,8 +268833,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Advancedmicrodevices_Aoddriversys_Amdoverdrivese date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1228-L1248" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1228-L1248" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "f4dc11b7922bf2674ca9673638e7fe4e26aceb0ebdc528e6d10c8676e555d7b2" hash = "070ff602cccaaef9e2b094e03983fd7f1bf0c0326612eb76593eabbf1bda9103" logic_hash = "6d49bcb5159d3be15ec42748089baff846ce661446a73d7986deb945e379a45f" 
@@ -268817,8 +268864,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrddkprovider_Rtportsys_Windowsrddkprovide date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1251-L1271" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1251-L1271" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "8fe429c46fedbab8f06e5396056adabbb84a31efef7f9523eb745fc60144db65" hash = "71423a66165782efb4db7be6ce48ddb463d9f65fd0f266d333a6558791d158e5" logic_hash = "c768c1592586c6a053f69d8f64c66ba213dc054113d98f3144610fdb5978a0f1" @@ -268848,8 +268895,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Anticheatexpertcom_Acebase_Anticheatexpert_7326 date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1274-L1292" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1274-L1292" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "7326aefff9ea3a32286b423a62baebe33b73251348666c1ee569afe62dd60e11" logic_hash = "c309c294def3fb6601ab76b4b67bdda0d38db398a8a56b0ced0d4ce8cafc8602" score = 40 
@@ -268877,8 +268924,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Gigabytetechnologycoltd_Gdrvsys_Gigabytesoftware date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1295-L1314" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1295-L1314" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "133e542842656197c5d22429bd56d57aa33c9522897fdf29853a6d321033c743" logic_hash = "8294e9a9d7bf9e4471d494ca78db936c69b2b2ee495207cde79aeabff9910463" score = 40 @@ -268907,8 +268954,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Ngiodriversys_Avastng_1072 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1317-L1337" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1317-L1337" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "1072beb3ff6b191b3df1a339e3a8c87a8dc5eae727f2b993ea51b448e837636a" hash = "e8eb1c821dbf56bde05c0c49f6d560021628df89c29192058ce68907e7048994" logic_hash = "99645f9bf3c3ba88788ad609ee067cdda808effac07990db725b9be5fca32658" 
@@ -268938,8 +268985,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Cpuid_Cpuzsys_Cpuidservice_8A07 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1340-L1369" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1340-L1369" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "8a0702681bc51419fbd336817787a966c7f92cabe09f8e959251069578dfa881" hash = "26e3bfef255efd052a84c3c43994c73222b14c95db9a4b1fc2e98f1a5cb26e43" hash = "65e3548bc09dffd550e79501e3fe0fee268f895908e2bba1aa5620eb9bdac52d" @@ -268978,8 +269025,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Cpuid_Cpuzsys_Cpuidservice_0D37 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1372-L1409" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1372-L1409" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "0d3790af5f8e5c945410929e31d06144a471ac82f828afe89a4758a5bbeb7f9f" hash = "523d1d43e896077f32cd9acaa8e85b513bfb7b013a625e56f0d4e9675d9822ba" hash = "df0dcfb3971829af79629efd036b8e1c6e2127481b3644ccc6e2ddd387489a15" 
@@ -269026,8 +269073,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Proxydrvsys_Nn_C0E7 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1412-L1431" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1412-L1431" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "c0e74f565237c32989cb81234f4b5ad85f9dd731c112847c0a143d771021cb99" logic_hash = "b4248d60006efcf3f489cfad8a68bbf594bd45f75e8b9c8d7b9f727c6ee05042" score = 40 @@ -269056,8 +269103,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Novellinc_Novellxtier_5381 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1434-L1454" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1434-L1454" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "53810ca98e07a567bb082628d95d796f14c218762cbbaa79704740284dccda4b" hash = "8e88cb80328c3dbaa2752591692e74a2fae7e146d7d8aabc9b9ac9a6fe561e6c" hash = "003e61358878c7e49e18420ee0b4a37b51880be40929a76e529c7b3fb18e81b4" 
@@ -269087,8 +269134,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Netfiltersys_26D6 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1457-L1478" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1457-L1478" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "26d67d479dafe6b33c980bd1eed0b6d749f43d05d001c5dcaaf5fcddb9b899fe" hash = "6a234a2b8eb3844f7b5831ee048f88e8a76e9d38e753cc82f61b234c79fe1660" hash = "2fa78c2988f9580b0c18822b117d065fb419f9c476f4cfa43925ba6cd2dffac3" @@ -269119,8 +269166,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Asustek_Driversys_Ectool_927C : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1481-L1503" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1481-L1503" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "927c2a580d51a598177fa54c65e9d2610f5f212f1b6cb2fbf2740b64368f010a" hash = "42851a01469ba97cdc38939b10cf9ea13237aa1f6c37b1ac84904c5a12a81fa0" hash = "1beb15c90dcf7a5234ed077833a0a3e900969b60be1d04fcebce0a9f8994bdbb" 
@@ -269152,8 +269199,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmelsys_Trendmicroearlylaunchantim date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1506-L1525" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1506-L1525" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "dd628061d6e53f3f0b44f409ad914b3494c5d7b5ff6ff0e8fc3161aacec93e96" logic_hash = "f0bf2e418bed091c1d9f1d604f284586f27d2d28b277c29f241aeaee9b9bdccf" score = 40 @@ -269182,8 +269229,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Intelcorp_Stdcdrvwssys_Selftestdatacollectordriv date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1528-L1547" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1528-L1547" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "70afdc0e11db840d5367afe53c35d9642c1cf616c7832ab283781d085988e505" logic_hash = "06aae42f1cfaaa5d797ef384786a8cdb54685465240d324216d8832be82c5db0" score = 40 
@@ -269212,8 +269259,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Realteksemiconductorcorp_Rtportsys_Realtekportio date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1550-L1569" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1550-L1569" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "ff322cd0cc30976f9dbdb7a3681529aeab0de7b7f5c5763362b02c15da9657a1" logic_hash = "814b2a2bc284623f620341ec841cd080eb04ef9c9f4a11387d0b79c5010e70e8" score = 40 @@ -269242,8 +269289,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Realtek_Rtkiosys_Realtekiodriver_A6F7 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1572-L1591" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1572-L1591" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "a6f7897cd08fe9de5e902bb204ff87215584a008f458357d019a50d6139ca4af" logic_hash = "e6b52b789ba1f5bf60722a7b4ec2f94e650b186605ea558780018edaa74090b4" score = 40 
@@ -269272,8 +269319,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Novellinc_Novellxtier_834A : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1594-L1613" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1594-L1613" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "834a3d755b5ae798561f8e5fbb18cf28dfcae7a111dc6a03967888e9d10f6d78" hash = "e89cb7217ec1568b43ad9ca35bf059b17c3e26f093e373ab6ebdeee24272db21" logic_hash = "54a915ecbb2fb9f77603a19628d8130cf9896bc649618e3448442e1408b1f8a4" 
@@ -269302,8 +269349,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Asustekcomputerinc_Eiosys_Asusvgakernelmodedrive date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1616-L1637" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1616-L1637" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "f4c7e94a7c2e49b130671b573a9e4ff4527a777978f371c659c3f97c14d126de" hash = "cf69704755ec2643dfd245ae1d4e15d77f306aeb1a576ffa159453de1a7345cb" hash = "1fac3fab8ea2137a7e81a26de121187bf72e7d16ffa3e9aec3886e2376d3c718" @@ -269334,8 +269381,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_F42E : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1640-L1659" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1640-L1659" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "f42eb29f5b2bcb2a70d796fd71fd1b259d5380b216ee672cf46dcdd4604b87ad" logic_hash = "2bbf7257a20468f12ffa8e8dc70c126a41124043acfcae776cda173ed68788c3" score = 40 
@@ -269364,8 +269411,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Msi_Ntiolibsys_Ntiolib_CF4B : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1662-L1681" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1662-L1681" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "cf4b5fa853ce809f1924df3a3ae3c4e191878c4ea5248d8785dc7e51807a512b" logic_hash = "50f8cbf8834910e3560b3d092ae897977db2c9cb26107219e1604b2c26bba2ae" score = 40 @@ -269394,8 +269441,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Computerzsys_Ludashisystemdriver_3867 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1684-L1704" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1684-L1704" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "386745d23a841e1c768b5bdf052e0c79bb47245f9713ee64e2a63f330697f0c8" hash = "5aee1bae73d056960b3a2d2e24ea07c44358dc7bc3f8ac58cc015cccc8f8d89c" logic_hash = "f911813c40d65c443b01e00635da122cd1969817c6d3842eca7a5a20ff57513e" 
@@ -269425,8 +269472,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_D783 : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1707-L1726" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1707-L1726" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "d783ace822f8fe4e25d5387e5dd249cb72e62f62079023216dc436f1853a150f" logic_hash = "f92c013f7c10a9c63b2f630b198d9ef360e944182b9760e8c268dc7145f82e95" score = 40 @@ -269455,8 +269502,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Aswarpot_Avastantivirus_4B52 : FIL date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1729-L1748" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1729-L1748" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "4b5229b3250c8c08b98cb710d6c056144271de099a57ae09f5d2097fc41bd4f1" logic_hash = "c1df652b20d7bbea94d71bdef159c26b59180b736859bb4a16d03880a99d2841" score = 40 
@@ -269485,8 +269532,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Insydesoftwarecorp_Segwindrvxsys_Segwindowsdrive date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1751-L1770" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1751-L1770" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "38d6d90d543bf6037023c1b1b14212b4fa07731cbbb44bdb17e8faffc12b22e8" logic_hash = "d1cc4c2d1335784f723849ab37131f3b5384628652594fe8e3a1ab4b0729eacd" score = 40 @@ -269515,8 +269562,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Biostargroup_Iodriver_Biostariodriverfle_42E1 : date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1773-L1794" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1773-L1794" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "42e170a7ab1d2c160d60abfc906872f9cfd0c2ee169ed76f6acb3f83b3eeefdb" hash = "f929bead59e9424ab90427b379dcdd63fbfe0c4fb5e1792e3a1685541cd5ec65" hash = "55fee54c0d0d873724864dc0b2a10b38b7f40300ee9cae4d9baaf8a202c4049a" 
@@ -269547,8 +269594,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytes_Elbycdio_Cdrtools_07AF : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1797-L1816" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1797-L1816" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "07af8c5659ad293214364789df270c0e6d03d90f4f4495da76abc2d534c64d88" logic_hash = "832d90cd437cb6912630943fcae9e103341c0bc6770a4515525cf42f72812faa" score = 40 @@ -269577,8 +269624,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Mitactechnologycorporation_Mtcbsvsys_Mitacsystem date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1819-L1838" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1819-L1838" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "c9cf1d627078f63a36bbde364cd0d5f2be1714124d186c06db5bcdf549a109f8" logic_hash = "402e0a50c61722ffbbf6778df2483750fae17d6a18d8b247d65df8302d725c14" score = 40 
@@ -269607,8 +269654,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Realixtm_Hwinfosys_Hwinfokerneldriver_7125 : FIL date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1841-L1860" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1841-L1860" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "7125c9831a52d89d3d59fb28043b67fbe0068d69732da006fabb95550d1fa730" logic_hash = "b91987339120b171bf8059bd06c95b25ec8124a902d53c0d05558e95bdfa588b" score = 40 @@ -269637,8 +269684,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Intelcorporation_Iqvwsys_Intelriqvwsys_5F65 : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1863-L1882" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1863-L1882" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "5f6547e9823f94c5b94af1fb69a967c4902f72b6e0c783804835e6ce27f887b0" logic_hash = "66fa3b5461eb9cf7c9f0eba976ac1546338ac11b937cc9753340042a0dc49066" score = 40 
@@ -269667,8 +269714,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Tgsoftsas_Viragtsys_Viritagentsystem_58A7 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1885-L1904" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1885-L1904" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "58a74dceb2022cd8a358b92acd1b48a5e01c524c3b0195d7033e4bd55eff4495" logic_hash = "f1f16f31db7cd1249b3a76eddf0091a1b89d158da5c3beb1e3ed5ec18a3a7d72" score = 40 @@ -269697,8 +269744,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Panyazilimbilisimteknolojileriticltdsti_Panmonfl date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1907-L1926" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1907-L1926" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "06508aacb4ed0a1398a2b0da5fa2dbf7da435b56da76fd83c759a50a51c75caf" logic_hash = "ad7595823bec8291999096f6249051d51741761c09e5a00ed72b01beeb13389b" score = 40 
@@ -269727,8 +269774,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Nvidiacorp_Nvoclocksys_Nvidiasystemutilitydriver date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1929-L1949" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1929-L1949" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "d633055c7eda26dacfc30109eb790625519fc7b0a3a601ceed9e21918aad8a1b" hash = "29f449fca0a41deccef5b0dccd22af18259222f69ed6389beafe8d5168c59e36" logic_hash = "40d935ad81305da16adadabbbb18376bb0af64df5ce164625ec1e223ee01ceba" @@ -269758,8 +269805,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Aswarpotsys_Avastantivirus_0F17 : date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1952-L1971" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1952-L1971" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "0f17e5cfc5bdd74aff91bfb1a836071345ba2b5d1b47b0d5bf8e7e0d4d5e2dbf" logic_hash = "3e9d3d998c97ac3491211c231552ee36be1428ca8ec61e89e9c1c1b7ff4ccf22" score = 40 
@@ -269788,8 +269835,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Bsmisys_5962 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1974-L1992" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1974-L1992" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "59626cac380d8fe0b80a6d4c4406d62ba0683a2f0f68d50ad506ca1b1cf25347" hash = "552f70374715e70c4ade591d65177be2539ec60f751223680dfaccb9e0be0ed9" logic_hash = "2ddfc5fea50425403654a8c60b372e2416cb0e0424ab26a8812e0b1fb35d399d" @@ -269817,8 +269864,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Novellinc_Novellxtier_C6FE : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L1995-L2016" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L1995-L2016" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "c6feb3f4932387df7598e29d4f5bdacec0b9ce98db3f51d96fc4ffdcc6eb10e1" hash = "e7b79fe1377b3da749590c080d4d96e59e622b1013b2183b98c81baa8bf2fffe" hash = "f77fe6b1e0e913ac109335a8fa2ac4961d35cbbd50729936059aba8700690a9e" 
@@ -269849,8 +269896,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_AF16 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2019-L2038" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2019-L2038" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "af16c36480d806adca881e4073dcd41acb20c35ed0b1a8f9bd4331de655036e1" logic_hash = "390b48999576261d87a970dee3dd1da4d82f45bdcf4db37be180c464bacfa488" score = 40 @@ -269879,8 +269926,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Msi_Ntiolibsys_Ntiolib_99F4 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2041-L2090" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2041-L2090" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "99f4994a0e5bd1bf6e3f637d3225c69ff4cd620557e23637533e7f18d7d6cba1" hash = "56a3c9ac137d862a85b4004f043d46542a1b61c6acb438098a9640469e2d80e7" hash = "c2a4ddcc9c3b339d752c48925d62fc4cc5adbf6fae8fedef74cdd47e88da01f8" 
@@ -269939,8 +269986,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Ncrcorporation_Radhwmgrsys_Ncrcorporationhardwar date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2093-L2112" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2093-L2112" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "7c8ad57b3a224fdc2aac9dd2d7c3624f1fcd3542d4db804de25a90155657e2cc" logic_hash = "cc7c365f36d9c7fc0367b57f9d5b24004c8c4453e0ed227941623c6057fce39a" score = 40 @@ -269969,8 +270016,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avaluetechnologyinc_Avalueio_Avalueio_A5A4 : FIL date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2115-L2135" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2115-L2135" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "a5a4a3c3d3d5a79f3ed703fc56d45011c21f9913001fcbcc43a3f7572cff44ec" hash = "defde359045213ae6ae278e2a92c5b4a46a74119902364c7957a38138e9c9bbd" logic_hash = "ec187ba5aadc7b9395008155d4b6331b099b3ae9e3ab738568a9980b3d0ce448" 
@@ -270000,8 +270047,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Asustekcomputerinc_Bsdefsys_Supportsstsfssteeatf date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2138-L2160" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2138-L2160" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "5f5e5f1c93d961985624768b7c676d488c7c7c1d4c043f6fc1ea1904fefb75be" hash = "3326e2d32bbabd69feb6024809afc56c7e39241ebe70a53728c77e80995422a5" hash = "0040153302b88bee27eb4f1eca6855039e1a057370f5e8c615724fa5215bada3" @@ -270033,8 +270080,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Novellinc_Novellxtier_F27F : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2163-L2186" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2163-L2186" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "f27febff1be9e89e48a9128e2121c7754d15f8a5b2e88c50102cecee5fe60229" hash = "8138b219a2b1be2b0be61e5338be470c18ad6975f11119aee3a771d4584ed750" hash = "e16dc51c51b2df88c474feb52ce884d152b3511094306a289623de69dedfdf48" 
@@ -270067,8 +270114,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Almicosoftware_Sfdrvxsys_Speedfan_X_965D : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2189-L2208" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2189-L2208" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "965d4f981b54669a96c5ab02d09bf0a9850d13862425b8981f1a9271350f28bb" logic_hash = "e5ba23bf3914d121647d6b7aef5ec81d9d62af56397e152fb39179349f1f6146" score = 40 @@ -270097,8 +270144,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Novellinc_Novellxtier_5A66 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2211-L2234" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2211-L2234" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "5a661e26cfe5d8dedf8c9644129039cfa40aebb448895187b96a8b7441d52aaa" hash = "fb81b5f8bf69637dbdf050181499088a67d24577587bc520de94b5ee8996240f" hash = "202d9703a5b8d06c5f92d2c5218a93431aa55af389007826a9bfaaf900812213" 
@@ -270131,8 +270178,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Panyazilimbilisimteknolojileriticltdsti_Panioxsy date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2237-L2256" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2237-L2256" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "6b830ea0db6546a044c9900d3f335e7820c2a80e147b0751641899d1a5aa8f74" logic_hash = "d6d95fe0d738012ca0643f478c59accd2d1e47742a502f5fea65040e59e9f42a" score = 40 @@ -270161,8 +270208,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_82FB : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2259-L2278" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2259-L2278" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "82fbcb371d53b8a76a25fbbafaae31147c0d1f6b9f26b3ea45262c2267386989" logic_hash = "38df982e74818094d0aa508b6b0ad94b885e6554760b4678de833fcc86e8bb13" score = 40 
@@ -270191,8 +270238,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Entechtaiwan_Seasys_Softenginex_6CB5 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2281-L2300" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2281-L2300" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "6cb51ae871fbd5d07c5aad6ff8eea43d34063089528603ca9ceb8b4f52f68ddc" logic_hash = "aa425e95a0b920bf68c0221d8fb1cc16f00755b626f496b758cf50d26949c27b" score = 40 @@ -270221,8 +270268,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avgtechnologiesczsro_Aswarpot_Avginternetsecurit date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2303-L2322" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2303-L2322" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "0b542e47248611a1895018ec4f4033ea53464f259c74eb014d018b19ad818917" logic_hash = "264c22a6b54b47962561ea3d8400aab606dd2d28f5d288ba4777ff2ca290c38e" score = 40 
@@ -270251,8 +270298,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Razerinc_Rzpnk_Rzpnk_F159 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2325-L2347" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2325-L2347" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "f15962354d37089884abba417f58e9dbd521569b4f69037a24a37cfc2a490672" hash = "9fa120bda98633e30480d8475c9ac6637470c4ca7c63763560bf869138091b01" hash = "0b547368c03e0a584ae3c5e62af3728426c68b316a15f3290316844d193ad182" @@ -270284,8 +270331,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Aswarpotsys_Avastantivirus_1273 : date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2350-L2369" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2350-L2369" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "1273b74c3c1553eaa92e844fbd51f716356cc19cf77c2c780d4899ec7738fbd1" logic_hash = "1bf31b51302ade1b65e6c24a0dfcc6e144a2f0104e687cef4a14e6307c27c9e1" score = 40 
@@ -270314,8 +270361,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_3854 : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2372-L2392" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2372-L2392" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "385485e643aa611e97ceae6590c6a8c47155886123dbb9de1e704d0d1624d039" hash = "b773511fdb2e370dec042530910a905472fcc2558eb108b246fd3200171b04d3" logic_hash = "0cdfef6284465ea9f5509cb4e0ad6efb531d60150fb355a388f8152b322e3da9" 
@@ -270345,8 +270392,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Advancedmicrodevices_Aoddriversys_Amdoverdrivese date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2395-L2416" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2395-L2416" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "3c11dec1571253594d64619d8efc8c0212897be84a75a8646c578e665f58bf5d" hash = "5a0b10a9e662a0b0eeb951ffd2a82cc71d30939a78daebd26b3f58bb24351ac9" hash = "7a1105548bfc4b0a1b7b891cde0356d39b6633975cbcd0f2e2d8e31b3646d2ca" @@ -270377,8 +270424,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrcodenamelonghornddkprovider_Cpuzsys_Wind date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2419-L2438" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2419-L2438" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "eaa5dae373553024d7294105e4e07d996f3a8bd47c770cdf8df79bf57619a8cd" logic_hash = "9149c106ff7ea0326b9e010ef7ae32c25f57c3b9b2e738f4915eda205a512888" score = 40 
@@ -270407,8 +270454,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Zemanaltd_Zam_8FE9 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2441-L2457" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2441-L2457" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "8fe9828bea83adc8b1429394db7a556a17f79846ad0bfb7f242084a5c96edf2a" logic_hash = "f293cb0a8bbc710428a7a4ae582f9d6ed60954afeb84efe8b74da38ff41732c1" score = 40 @@ -270434,8 +270481,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrcodenamelonghornddkprovider_Cpuzsys_Wind date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2460-L2487" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2460-L2487" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "49329fa09f584d1960b09c1b15df18c0bc1c4fdb90bf48b6b5703e872040b668" hash = "84c5f6ddd9c90de873236205b59921caabb57ac6f7a506abbe2ce188833bbe51" hash = "8e92aacd60fca1f09b7257e62caf0692794f5d741c5d1eec89d841e87f2c359c" 
@@ -270472,8 +270519,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Msi_Ntiolibsys_Ntiolib_3D9E : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2490-L2509" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2490-L2509" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "3d9e83b189fcf5c3541c62d1f54a0da0a4e5b62c3243d2989afc46644056c8e3" logic_hash = "fdb944988945780b774d73f3d729d2468b0c9006aca100fa8bbf913a9c5402c6" score = 40 @@ -270502,8 +270549,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Logitech_Lgcoretempsys_Lgcoretemp_E0CB : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2512-L2531" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2512-L2531" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "e0cb07a0624ddfacaa882af49e3783ae02c9fbd0ab232541a05a95b4a8abd8ef" logic_hash = "f3162a80eb6ab357766aaafbf62aec608291873980c81c6d21d835bc349cda76" score = 40 
@@ -270532,8 +270579,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Intelcorporation_Stdcdrvsys_Selftestdatacollecto date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2534-L2553" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2534-L2553" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "37022838c4327e2a5805e8479330d8ff6f8cd3495079905e867811906c98ea20" logic_hash = "dfc77d3461c57240baea160b35e9174aa370fc533d08a9331dd8ce53a0048ad4" score = 40 @@ -270562,8 +270609,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Msi_Ntiolibsys_Ntiolib_2BBE : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2556-L2576" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2556-L2576" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "2bbe65cbec3bb069e92233924f7ee1f95ffa16173fceb932c34f68d862781250" hash = "e68d453d333854787f8470c8baef3e0d082f26df5aa19c0493898bcf3401e39a" logic_hash = "23365c52fd3ce5d9c113c0779072b82325632c75f27cbfde9037b7ffc543a209" 
@@ -270593,8 +270640,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Gigabytetechnologycoltd_Gdrvsys_Gigabytesoftware date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2579-L2599" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2579-L2599" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "092d04284fdeb6762e65e6ac5b813920d6c69a5e99d110769c5c1a78e11c5ba0" hash = "0ce40a2cdd3f45c7632b858e8089ddfdd12d9acb286f2015a4b1b0c0346a572c" logic_hash = "771400b6e3f2d216fd38db681bf78fbc4e764a45ff9e11d2e33b62f93ac4a8e2" @@ -270624,8 +270671,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrddkprovider_Rtportsys_Windowsrddkprovide date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2602-L2621" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2602-L2621" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "3c0a36990f7eef89b2d5f454b6452b6df1304609903f31f475502e4050241dd8" logic_hash = "0460def7e251adf398560c0f05cac2d161951339eb2bcc2b2f4840edbd0d6991" score = 40 
@@ -270654,8 +270701,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Ngiodriversys_Avastng_5FAE : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2624-L2643" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2624-L2643" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "5fae7e491b0d919f0b551e15e0942ac7772f2889722684aea32cff369e975879" logic_hash = "7dfbd2e11b8a37a8b276a2279f19f57064f3d561cf2555680c71679206ec1452" score = 40 @@ -270684,8 +270731,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Innotekgmbh_Vboxusbmonsys_Virtualboxusbmonitordr date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2646-L2665" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2646-L2665" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "3d055be2671e136c937f361cef905e295ddb6983526341f1d5f80a16b7655b40" logic_hash = "ca021b6b3c733e75d33996652ca9602541e4c9eb9e74f2a995d1b2c2989ca68b" score = 40 
@@ -270714,8 +270761,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Ngiodriversys_Avastng_1A45 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2668-L2687" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2668-L2687" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "1a450ae0c9258ab0ae64f126f876b5feed63498db729ec61d06ed280e6c46f67" logic_hash = "51f72d08bd6f0b0e683a9af729e16e08e8d652d9ea5f43872aa402ec3da65cfe" score = 40 @@ -270744,8 +270791,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_62F5 : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2690-L2710" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2690-L2710" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "62f5e13b2edc00128716cb93e6a9eddffea67ce83d2bb426f18f5be08ead89e0" hash = "ee3ff12943ced401e2b6df9e66e8a0be8e449fa9326cab241f471b2d8ffefdd7" logic_hash = "13b9c0f468e8ce5a9ff8938879d6d22a56c0d7e01b3a72969ecff55954a07b89" 
@@ -270775,8 +270822,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Yyinc_Dianhu_80CB : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2713-L2731" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2713-L2731" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "80cbba9f404df3e642f22c476664d63d7c229d45d34f5cd0e19c65eb41becec3" hash = "bb50818a07b0eb1bd317467139b7eb4bad6cd89053fecdabfeae111689825955" logic_hash = "fb1f5f8687f1673585ee2652b9dde20ae925ee33d527d2052707b2370a5df1fc" @@ -270804,8 +270851,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_8F68 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2734-L2756" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2734-L2756" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "8f68ca89910ebe9da3d02ec82d935de1814d79c44f36cd30ea02fa49ae488f00" hash = "7227377a47204f8e2ff167eee54b4b3545c0a19e3727f0ec59974e1a904f4a96" hash = "c8eaa5e6d3230b93c126d2d58e32409e4aeeb23ccf0dd047a17f1ef552f92fe9" 
@@ -270837,8 +270884,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Aswarpotsys_Avastantivirus_A5A5 : date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2759-L2778" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2759-L2778" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "a5a50449e2cc4d0dbc80496f757935ae38bf8a1bebdd6555a3495d8c219df2ad" logic_hash = "38048706f3e5bd4248779dc8890d14a31daafa177c51953c31f2e7a81c6871a0" score = 40 @@ -270867,8 +270914,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrwinddkprovider_Wnbiossys_Windowsrwinddkd date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2781-L2800" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2781-L2800" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "530d9223ec7e4123532a403abef96dfd1af5291eb49497392ff5d14d18fccfbb" logic_hash = "73e496811ab4097aa8311e510fa913a10691a00e314944d509df05084d373379" score = 40 
@@ -270897,8 +270944,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytes_Elbycdio_Cdrtools_98EC : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2803-L2822" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2803-L2822" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "98ec7cc994d26699f5d26103a0aeb361128cff3c2c4d624fc99126540e23e97e" logic_hash = "27e4fb74a63ee1fe3b3bcf97e2ed01b02d05339cce2f18c2f010577d80dbb243" score = 40 @@ -270927,8 +270974,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Msi_Ntiolibsys_Ntiolib_591B : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2825-L2844" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2825-L2844" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "591bd5e92dfa0117b3daa29750e73e2db25baa717c31217539d30ffb1f7f3a52" logic_hash = "471fab20146586dacf37b9bb3f43ee578339c73f204487556987803d12a64f95" score = 40 
@@ -270957,8 +271004,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Openlibsysorg_Winringsys_Winring_47EA : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2847-L2867" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2847-L2867" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "47eaebc920ccf99e09fc9924feb6b19b8a28589f52783327067c9b09754b5e84" hash = "3ec5ad51e6879464dfbccb9f4ed76c6325056a42548d5994ba869da9c4c039a8" logic_hash = "e6bea09a04b7f043d9a8cef4c8dc3e2f087fdf1a981f6d23dee728ea6d15d792" @@ -270988,8 +271035,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Insydesoftwarecorp_Segwindrvxsys_Segwindowsdrive date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2870-L2889" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2870-L2889" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "65329dad28e92f4bcc64de15c552b6ef424494028b18875b7dba840053bc0cdd" logic_hash = "b4f90f50b2e90fd8dc57778ba8f650ed201fe2f11f145e981d13021f87746d1f" score = 40 
@@ -271018,8 +271065,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Advancedmicrodevices_Amdryzenmasterdriversys_Amd date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2892-L2911" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2892-L2911" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "909de5f21837ea2b13fdc4e5763589e6bdedb903f7c04e1d0b08776639774880" logic_hash = "669972137fad6a5cc701ea56cf8ae85e08d2131f026e8cf1bd5c85ca1754d3cb" score = 40 @@ -271048,8 +271095,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Atitechnologiesinc_Atillksys_Atidiagnostics_AD40 date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2914-L2938" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2914-L2938" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "ad40e6d0f77c0e579fb87c5106bf6de3d1a9f30ee2fbf8c9c011f377fa05f173" hash = "6c6c5e35accc37c928d721c800476ccf4c4b5b06a1b0906dc5ff4df71ff50943" hash = "38bb9751a3a1f072d518afe6921a66ee6d5cf6d25bc50af49e1925f20d75d4d7" 
@@ -271083,8 +271130,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Computerzsys_Ludashisystemdriver_E502 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2941-L2963" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2941-L2963" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "e502c2736825ea0380dd42effaa48105a201d4146e79de00713b8d3aaa98cd65" hash = "5c80dc051c4b0c62b9284211f71e5567c0c0187e466591eacb93e7dc10e4b9ab" hash = "d6801e845d380c809d0da8c7a5d3cd2faa382875ae72f5f7af667a34df25fbf7" @@ -271116,8 +271163,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avgtechnologiesczsro_Aswarpot_Avginternetsecurit date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2966-L2985" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2966-L2985" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "0cd4ca335155062182608cad9ef5c8351a715bce92049719dd09c76422cd7b0c" logic_hash = "b0ef81e3a05326390a7d2f00499cf3aaf0610b03f3df2313d5a1f2dddff3555f" score = 40 
@@ -271146,8 +271193,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroaegis_3FA6 : F date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L2988-L3007" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L2988-L3007" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "3fa6379951f08ed3cb87eeba9cf0c5f5e1d0317dcfcf003b810df9d795eeb73e" logic_hash = "c1d75b4073f212403f3e7b50cd8c1ea2a8a979bca7cf2dd4cd05bfca03d49c48" score = 40 @@ -271176,8 +271223,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_3E1D : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3010-L3029" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3010-L3029" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "3e1d47a497babbfd1c83905777b517ec87c65742bee7eb57a2273eca825d2272" logic_hash = "29f4dbbd8dd749a9ccf94cd59010c8c8b63ce1d33c93f05b1f24b1e6a216aff6" score = 40 
@@ -271206,8 +271253,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avgtechnologiesczsro_Aswarpotsys_Avginternetsecu date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3032-L3051" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3032-L3051" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "6fb5bc9c51f6872de116c7db8a2134461743908efc306373f6de59a0646c4f5d" logic_hash = "108670db45ff60bd5d31187755019cd7530f29da12d36c96be06880c23d5e7f9" score = 40 @@ -271236,8 +271283,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Novellinc_Novellxtier_3B71 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3054-L3075" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3054-L3075" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "3b7177e9a10c1392633c5f605600bb23c8629379f7f42957972374a05d4dc458" hash = "72b67b6b38f5e5447880447a55fead7f1de51ca37ae4a0c2b2f23a4cb7455f35" hash = "d04c72fd31e7d36b101ad30e119e14f6df9cbc7a761526da9b77f9e0b9888bc4" 
@@ -271268,8 +271315,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Almicosoftware_Sfdrvxsys_Speedfan_X_0BD1 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3078-L3097" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3078-L3097" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "0bd1523a68900b80ed1bccb967643525cca55d4ff4622d0128913690e6bb619e" logic_hash = "c5fa94fee1260b2c8f188c996ed4ce2095ad8c72fcf6a03b6985303209f17a3a" score = 40 @@ -271298,8 +271345,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Almicosoftware_Sfdrvxsys_Speedfan_X_1E94 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3100-L3119" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3100-L3119" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "1e94d4e6d903e98f60c240dc841dcace5f9e8bbb0802e6648a49ab80c23318cb" logic_hash = "86cbd2762bb8bf050343f4e738216a33764997046a9b59bbb6a435afa2859f0e" score = 40 
@@ -271328,8 +271375,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Hpdevelopmentcompany_Etdsuppsys_Hpetdidriverdll_ date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3122-L3141" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3122-L3141" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "f744abb99c97d98e4cd08072a897107829d6d8481aee96c22443f626d00f4145" logic_hash = "9fcdfda30bb8fb16c5112c22b34be1c42f9ce1a32d21a7554ba0aff2a7696aa1" score = 40 @@ -271358,8 +271405,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrwinddkprovider_Netfiltersys_Windowsrwind date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3144-L3170" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3144-L3170" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "db1dbb09d437d3e8bed08c88ca43769b4fe8728f68b78ff6f9c8d2557e28d2b1" hash = "5c54a5cd3386ac14725a07962562e9fdcefbb7be0d19803f9d71de24573de1e3" hash = "6703400b490b35bcde6e41ce1640920251855e6d94171170ae7ea22cdd0938c0" 
@@ -271395,8 +271442,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Realtek_Rtkiosys_Realtekiodriver_4ED2 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3173-L3192" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3173-L3192" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "4ed2d2c1b00e87b926fb58b4ea43d2db35e5912975f4400aa7bd9f8c239d08b7" logic_hash = "07981841e989bc762fbce94915e29595b1e6db881ed57064c03b126019538fca" score = 40 @@ -271425,8 +271472,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Netfiltersys_1265 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3195-L3216" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3195-L3216" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "12656fc113b178fa3e6bfffc6473897766c44120082483eb8059ebff29b5d2df" hash = "7ff8fe4c220cf6416984b70a7e272006a018e5662da3cedc2a88efeb6411b4a4" hash = "1cd75de5f54b799b60789696587b56a4a793cf60775b81f236f0e65189d863af" 
@@ -271457,8 +271504,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Intelcorporation_Iqvwsys_Intelriqvwsys_1F81 : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3219-L3238" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3219-L3238" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "1f8168036d636aad1680dd0f577ef9532dbb2dad3591d63e752b0ba3ee6fd501" logic_hash = "e5b9e4c1559e91b575933d2dd5574a6c374fe967256f65243122c22efbc666ce" score = 40 @@ -271487,8 +271534,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Iobit_Iobitunlockersys_Iobitunlocker_C79A : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3241-L3260" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3241-L3260" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "c79a2bb050af6436b10b58ef04dbc7082df1513cec5934432004eb56fba05e66" logic_hash = "b711978610592c579a05d332b72c294a5b960a18033264d6a75b8b482dbe8903" score = 40 
@@ -271517,8 +271564,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_16B5 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3263-L3282" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3263-L3282" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "16b591cf5dc1e7282fdb25e45497fe3efc8095cbe31c05f6d97c5221a9a547e1" logic_hash = "57f379da59234cd2e83802180faecd15784a28fcd09f2eb0a5944f494972c9fc" score = 40 @@ -271547,8 +271594,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Phoenixtechnologies_Agentsys_Driveragent_4045 : date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3285-L3309" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3285-L3309" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "4045ae77859b1dbf13972451972eaaf6f3c97bea423e9e78f1c2f14330cd47ca" hash = "8cb62c5d41148de416014f80bd1fd033fd4d2bd504cb05b90eeb6992a382d58f" hash = "6948480954137987a0be626c24cf594390960242cd75f094cd6aaa5c2e7a54fa" 
@@ -271582,8 +271629,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Ludashicom_Computerzsys_FA77 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3312-L3332" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3312-L3332" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "fa77a472e95c4d0a2271e5d7253a85af25c07719df26941b39082cfc0733071a" hash = "423f052690b6b523502931151dfcc63530e3bd9d79680f9b5ac033b23b5c6f18" logic_hash = "e59a975ce22fb83623ae84000e07bcc0f2060b7e16cfc3e2b538138246ef296a" @@ -271613,8 +271660,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Tgsoftsas_Viragtsys_Viritagentsystem_D0E2 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3335-L3354" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3335-L3354" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "d0e25b879d830e4f867b09d6540a664b6f88bad353cd14494c33b31a8091f605" logic_hash = "c265c6c89ea9bf09b9dcf47e1ce60f3531d76521a0ef1bbdc07d401a7b4164ed" score = 40 
@@ -271643,8 +271690,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Openlibsysorg_Openlibsyssys_Openlibsys_F060 : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3357-L3376" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3357-L3376" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "f0605dda1def240dc7e14efa73927d6c6d89988c01ea8647b671667b2b167008" logic_hash = "c73f19c87d63e9986e5f44a368f4b8305b7bff17ebdeb85f309751f54f76db48" score = 40 @@ -271673,8 +271720,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Realixtm_Hwinfosys_Hwinfokerneldriver_4AC0 : FIL date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3379-L3398" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3379-L3398" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "4ac08a6035cfcafdac712d7c3cf2eef6e10258f14cee6e80e1ef2f71f5045173" logic_hash = "b3a6dc1e2b7e806eb56133af99e995139dccddb2cba897f54144203ea3558f29" score = 40 
@@ -271703,8 +271750,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Rweverything_Rwdrvsys_Rweverythingreadwritedrive date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3401-L3425" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3401-L3425" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "2a652de6b680d5ad92376ad323021850dab2c653abf06edf26120f7714b8e08a" hash = "3384f4a892f7aa72c43280ff682d85c8e3936f37a68d978d307a9461149192de" hash = "2470fd1b733314c9b0afa19fd39c5d19aa1b36db598b5ebbe93445caa545da5f" @@ -271738,8 +271785,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_5027 : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3428-L3447" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3428-L3447" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "5027fce41ed60906a0e76b97c95c2a5a83d57a2d1cd42de232a21f26c0d58e48" logic_hash = "f2f0788448e15b372c67c310a411c9533fad7e03b24c24a1a1da7eeb595b6e75" score = 40 
@@ -271768,8 +271815,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Nvidiacorp_Nvoclocksys_Nvidiasystemutilitydriver date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3450-L3469" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3450-L3469" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "2203bd4731a8fdc2a1c60e975fd79fd5985369e98a117df7ee43c528d3c85958" logic_hash = "30602a4c8f91277805e82cdcd5ccae77b22e77644baf59d9ab2235e575ed9f25" score = 40 @@ -271798,8 +271845,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Realtek_Rtkiosys_Realtekiodriver_442C : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3472-L3492" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3472-L3492" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "442c18aeb09556bb779b21185c4f7e152b892410429c123c86fc209a802bff3c" hash = "3e1f592533625bf794e0184485a4407782018718ae797103f9e968ff6f0973a1" logic_hash = "b44ece633deccb00cea884422a24053616bf92a71a7f0a0264102d548ce02bb7" 
@@ -271829,8 +271876,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Ludashicom_Computerzsys_468B : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3495-L3515" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3495-L3515" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "468b087a0901d7bd971ab564b03ded48c508840b1f9e5d233a7916d1da6d9bd5" hash = "f93e0d776481c4ded177d5e4aebb27f30f0d47dcb4a1448aee8b66099ac686e1" logic_hash = "b286d189f5709b74d0da658841a1a626408db584696c467b07b4c341ec6d6748" @@ -271860,8 +271907,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avgtechnologiesczsro_Aswarpot_Avginternetsecurit date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3518-L3537" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3518-L3537" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "19d0fc91b70d7a719f7a28b4ad929f114bf1de94a4c7cba5ad821285a4485da0" logic_hash = "0d4f44ece27db1def197e6353d59677915f7f58eb5ff4661d2b8e024eb07acb7" score = 40 
@@ -271890,8 +271937,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Advancedmicrodevices_Amdryzenmasterdriversys_Amd date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3540-L3559" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3540-L3559" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "9b1ac756e35f795dd91adbc841e78db23cb7165280f8d4a01df663128b66d194" logic_hash = "fcef672d2e2c24f4b1323554ca206f3bd67657af96ad774056e5fd0181cc7ac7" score = 40 @@ -271920,8 +271967,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Panyazilimbilisimteknolojileriticltdsti_Panmonfl date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3562-L3581" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3562-L3581" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "7e0124fcc7c95fdc34408cf154cb41e654dade8b898c71ad587b2090b1da30d7" logic_hash = "6f9a951d64947f6930614206f10eb51a5f43566fdc6425821608e0f847818f75" score = 40 
@@ -271950,8 +271997,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Nvidiacorp_Nvoclocksys_Nvidiasystemutilitydriver date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3584-L3604" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3584-L3604" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "f4e500a9ac5991da5bf114fa80e66456a2cde3458a3d41c14e127ac09240c114" hash = "642857fc8d737e92db8771e46e8638a37d9743928c959ed056c15427c6197a54" logic_hash = "a787fd5e5b62f39a19222a8167382966dd707e2aba99f4c08ad839b221a17e75" @@ -271981,8 +272028,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Lenovogrouplimitedr_Lenovodiagnosticsdriversys_L date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3607-L3626" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3607-L3626" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "f05b1ee9e2f6ab704b8919d5071becbce6f9d0f9d0ba32a460c41d5272134abe" logic_hash = "22098d721c4814786834b3ea781283f53d195ba35f51fc8fd75b45f7781d39d4" score = 40 
@@ -272011,8 +272058,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_3F20 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3629-L3645" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3629-L3645" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "3f20ac5dac9171857fc5791865458fdb6eac4fab837d7eabc42cb0a83cb522fc" logic_hash = "6265acf1ebd52e5efe41774f35b3b01ede27f18c04975ac57afbd62b7d6d7600" score = 40 @@ -272038,8 +272085,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Toshibacorporation_Nchgbiosxsys_Toshibabiospacka date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3648-L3667" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3648-L3667" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "7d4ca5760b6ad2e4152080e115f040f9d42608d2c7d7f074a579f911d06c8cf8" logic_hash = "a724598247e27cca91bd76f60ebbad471d199ae290c8ec100bcf1efc02b74963" score = 40 
@@ -272068,8 +272115,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Dell_Dbutil_71FE : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3670-L3686" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3670-L3686" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "71fe5af0f1564dc187eea8d59c0fbc897712afa07d18316d2080330ba17cf009" logic_hash = "dad7c23d78176f31a2a324998e3170a5096a50389ff83af590503fac69791890" score = 40 @@ -272095,8 +272142,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Cn_Computerzsys_6D2C : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3689-L3709" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3689-L3709" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "6d2cc7e1d95bb752d79613d0ea287ea48a63fb643dcb88c12b516055da56a11d" hash = "8047859a7a886bcf4e666494bd03a6be9ce18e20dc72df0e5b418d180efef250" logic_hash = "c2c74038259bec413bbacf0957449d1da5291b84c6f6848e5573ca50bbea006f" 
@@ -272126,8 +272173,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Atszio_Atsziodriver_673B : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3712-L3731" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3712-L3731" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "673bcec3d53fab5efd6e3bac25ac9d6cc51f6bbdf8336e38aade2713dc1ae11b" hash = "31d8fc6f5fb837d5eb29db828d13ba8ee11867d86a90b2c2483a578e1d0ec43a" logic_hash = "d3f753b1bd9dc99cece28a3da9a87e9d211207204f05f573f01391f2c1a08f07" @@ -272156,8 +272203,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Asus_Asmmapsys_Atkgenericfunctionservice_025E : date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3734-L3753" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3734-L3753" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "025e7be9fcefd6a83f4471bba0c11f1c11bd5047047d26626da24ee9a419cdc4" logic_hash = "81100a6b0917bd9d6641c1f3db32353d1fe02b34feb5136c3f316f5deaa32f7d" score = 40 
@@ -272186,8 +272233,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Razerinc_Rzpnk_Rzpnk_9724 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3756-L3778" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3756-L3778" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "9724488ca2ba4c787640c49131f4d1daae5bd47d6b2e7e5f9e8918b1d6f655be" hash = "a66d2fb7ef7350ea74d4290c57fb62bc59c6ea93f759d4ca93c3febca7aeb512" hash = "e77786b21dbe73e9619ac9aac5e7e92989333d559aa22b4b65c97f0a42ff2e21" @@ -272219,8 +272266,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Realtek_Rtkiosys_Realtekiodriver_7133 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3781-L3800" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3781-L3800" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "7133a461aeb03b4d69d43f3d26cd1a9e3ee01694e97a0645a3d8aa1a44c39129" logic_hash = "7abc5f0325fa8552b38499b061dd10f6a4cdb56ba1071446ce6ca91e42b8c9f7" score = 40 
@@ -272249,8 +272296,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Lgelectronicsinc_Lhasys_Microsoftwindowsoperatin date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3803-L3823" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3803-L3823" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "23ba19352b1e71a965260bf4d5120f0200709ee8657ed381043bec9a938a1ade" hash = "e75714f8e0ff45605f6fc7689a1a89c7dcd34aab66c6131c63fefaca584539cf" logic_hash = "fcc57907a8653acc1175b486f719f029ba3c982dbc73ab0cd878f08b2fcb0aad" @@ -272280,8 +272327,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elitegroupcomputersystems_Ecsiodriversys_Ecsiodr date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3826-L3845" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3826-L3845" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "270547552060c6f4f5b2ebd57a636d5e71d5f8a9d4305c2b0fe5db0aa2f389cc" logic_hash = "899c58fe4793270c3e314e2c3f04c1341b6fefedba37d53200e5477f1108a5cf" score = 40 
@@ -272310,8 +272357,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Cn_Computerzsys_8D33 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3848-L3868" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3848-L3868" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "8d3347c93dff62eecdde22ccc6ba3ce8c0446874738488527ea76d0645341409" hash = "31ffc8218a52c3276bece1e5bac7fcb638dca0bc95c2d385511958abdbe4e4a5" logic_hash = "9868c2b401562623484d7bc00700332a754380b25b05cb95f38a8b242e7f59fa" 
@@ -272341,8 +272388,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Computerzsys_Ludashisystemdriver_C586 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3871-L3891" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3871-L3891" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "c586befc3fd561fcbf1cf706214ae2adaa43ce9ba760efd548d581f60deafc65" hash = "dda2a604bb94a274e23f0005f0aa330d45ca1ea25111746fb46fa5ef6d155b1d" logic_hash = "761661cb4ab100aad58ca83f20dd3eb25173bb6c987a7643ca93b91e90f25409" @@ -272372,8 +272419,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Logmeininc_Lmiinfosys_Logmein_453B : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3894-L3913" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3894-L3913" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "453be8f63cc6b116e2049659e081d896491cf1a426e3d5f029f98146a3f44233" logic_hash = "1940aec392f250b22b8480d7b75f0c1a21c7bad13c0e83a4eb6065b3d045e4cd" score = 40 
@@ -272402,8 +272449,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Realixtm_Hwinfosys_Hwinfokerneldriver_76AF : FIL date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3916-L3935" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3916-L3935" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "76af3f9fa111d694e37058606f2636430bdd378c85b94f426fbfcd6666ebe6cc" logic_hash = "d4031de065552af6807677430ee6aa17fb754052f6fdeb147db0105bd235acd8" score = 40 @@ -272432,8 +272479,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sisoftware_Sandra_Sisoftwaresandra_1284 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3938-L3957" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3938-L3957" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "1284a1462a5270833ec7719f768cdb381e7d0a9c475041f9f3c74fa8eea83590" logic_hash = "2453f457e43fd2dade465a33189f8ae41ca5ebd16d9a9c42d8edaf22ca990916" score = 40 
@@ -272462,8 +272509,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Rweverything_Asrsetupdrvsys_Asrsetupdrvdriver_9D date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3960-L3980" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3960-L3980" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "9d9346e6f46f831e263385a9bd32428e01919cca26a035bbb8e9cb00bf410bc3" hash = "a0728184caead84f2e88777d833765f2d8af6a20aad77b426e07e76ef91f5c3f" logic_hash = "875be865b5c6a924c48aada4c97ae39552a9944d9efb4e419dd754ce3f7ec217" 
@@ -272493,8 +272540,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Insydesoftwarecorp_Segwindrvxsys_Segwindowsdrive date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L3983-L4004" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L3983-L4004" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "c628cda1ef43defc00af45b79949675a8422490d32b080b3a8bb9434242bdbf2" hash = "7164aaff86b3b7c588fc7ae7839cc09c5c8c6ae29d1aff5325adaf5bedd7c9f5" hash = "0d30c6c4fa0216d0637b4049142bc275814fd674859373bd4af520ce173a1c75" @@ -272525,8 +272572,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmelsys_Trendmicroearlylaunchantim date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4007-L4026" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4007-L4026" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "d0eb3ba0aff471d19260192784bf9f056d669b779b6eaff84e732b7124ce1d11" logic_hash = "434964576b56367bc1ef4a198b6d6315c00c3fea0af9f1e0f08da6b7bd2cd0d1" score = 40 
@@ -272555,8 +272602,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Getactechnologycorporation_Mtcbsvsys_Getacsystem date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4029-L4049" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4029-L4049" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "edbb23e74562e98b849e5d0eefde3af056ec6e272802a04b61bebd12395754e5" hash = "4b465faf013929edf2f605c8cd1ac7a278ddc9a536c4c34096965e6852cbfb51" logic_hash = "0a729463c077e67113c7aeb1347b6ff2374fa8e4e5524b05c0a5ed2194b605b6" @@ -272586,8 +272633,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_2FBB : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4052-L4071" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4052-L4071" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "2fbbc276737047cb9b3ba5396756d28c1737342d89dce1b64c23a9c4513ae445" logic_hash = "b25969777810ff75d8cc35ae042a58e35f268c09aaa6f7fd6e10b1a1741898b4" score = 40 
@@ -272616,8 +272663,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sysinternalswwwsysinternalscom_Procexpsys_Proces date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4074-L4093" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4074-L4093" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "bced04bdefad6a08c763265d6993f07aa2feb57d33ed057f162a947cf0e6668f" logic_hash = "21a234179b5f2ae97262100f990587238339777bf919f8a9f04e84e64c77fb1d" score = 40 @@ -272646,8 +272693,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Realtek_Rtkiowxsys_Realtekiodriver_082C : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4096-L4115" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4096-L4115" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "082c39fe2e3217004206535e271ebd45c11eb072efde4cc9885b25ba5c39f91d" logic_hash = "805a4da51dd1a85c46b830b747ed15f5cfb7539b42fd598987d3cd879d93cc97" score = 40 
@@ -272676,8 +272723,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Novellinc_Novellxtier_1493 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4118-L4141" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4118-L4141" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "14938f68957ede6e2b742a550042119a8fbc9f14427fb89fa53fff12d243561c" hash = "28999af32b55ddb7dcfc26376a244aa2fe297233ce7abe4919a1aef2f7e2cee7" hash = "41eeeb0472c7e9c3a7146a2133341cd74dd3f8b5064c9dee2c70e5daa060954f" @@ -272710,8 +272757,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Powertool_Kevpsys_Powertool_7C0F : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4144-L4171" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4144-L4171" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "7c0f77d103015fc29379ba75d133dc3450d557b0ba1f7495c6b43447abdae230" hash = "d9500af86bf129d06b47bcfbc4b23fcc724cfbd2af58b03cdb13b26f8f50d65e" hash = "2a4f4400402cdc475d39389645ca825bb0e775c3ecb7c527e30c5be44e24af7d" 
@@ -272748,8 +272795,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Intelcorporation_Iqvwsys_Intelriqvwsys_D1F4 : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4174-L4193" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4174-L4193" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "d1f4949f76d8ac9f2fa844d16b1b45fb1375d149d46e414e4a4c9424dc66c91f" logic_hash = "8152947116f7cb31e716db449c855255c30f5034d065e8287cf480157274ba9b" score = 40 @@ -272778,8 +272825,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Cn_Computerzsys_BC45 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4196-L4216" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4196-L4216" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "bc453d428fc224960fa8cbbaf90c86ce9b4c8c30916ad56e525ab19b6516424e" hash = "182bbdb9ecd3932e0f0c986b779c2b2b3997a7ca9375caa2ec59b4b08f4e9714" logic_hash = "283d6d71ba7ace25c248949d232d2ce0c86fa87115304b8d6c07e7564e6757a3" 
@@ -272809,8 +272856,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Intelcorporation_Iqvwsys_Intelriqvwsys_7CB4 : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4219-L4238" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4219-L4238" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "7cb497abc44aad09a38160d6a071db499e05ff5871802ccc45d565d242026ee7" logic_hash = "bec5e91150c9c0760c91f8a2b4b83867af030ede236c8596c3558e0f8fca1004" score = 40 @@ -272839,8 +272886,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Safenetinc_Hostnt_Hostnt_07B6 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4241-L4260" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4241-L4260" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "07b6d69bafcfd767f1b63a490a8843c3bb1f8e1bbea56176109b5743c8f7d357" logic_hash = "b07f335b6941ef2095903cb8841358bff6b09518a96512d69fdf90bf328888e7" score = 40 
@@ -272869,8 +272916,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Rivetnetworksllc_Kfecodrvsys_Killertrafficcontro date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4263-L4282" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4263-L4282" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "9a91d6e83b8fdec536580f6617f10dfc64eedf14ead29a6a644eb154426622ba" logic_hash = "29ba3734f177a3ca166a3c02d066da4b9e4cbd146724f037ac82e3ced1d7951e" score = 40 @@ -272899,8 +272946,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Nvidiacorp_Nvoclocksys_Nvidiasystemutilitydriver date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4285-L4304" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4285-L4304" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "848b150ffcf1301b26634a41f28deacb5ccdd3117d79b590d515ed49849b8891" logic_hash = "e56d5221962e4fe353c0e37cc3bbebf68d785d86f49269d7e6d935ef6cff6f38" score = 40 
@@ -272929,8 +272976,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Zemanaltd_Zam_7CB5 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4307-L4324" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4307-L4324" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "7cb594af6a3655daebc9fad9c8abf2417b00ba31dcd118707824e5316fc0cc21" logic_hash = "df3e79bf8db29cb712ac4fe3670954a0793d7d839f3368ad52e5f826afd18b7f" score = 40 @@ -272957,8 +273004,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Asrockincorporation_Asrautochkupddrvsys_Asrautoc date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4327-L4346" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4327-L4346" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "2aa1b08f47fbb1e2bd2e4a492f5d616968e703e1359a921f62b38b8e4662f0c4" logic_hash = "87c0e6a3d0ff8f88e8f190c6b643adde45dc7d4c2aa73b79ba0f38a13bd86f1c" score = 40 
@@ -272987,8 +273034,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_97B3 : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4349-L4369" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4349-L4369" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "97b32ddf83f75637e3ba934df117081dd6a1c57d47a4c9700d35e736da11d5bd" hash = "89108a15f009b285db4ef94250b889d5b11b96b4aa7b190784a6d1396e893e10" logic_hash = "800b43309abd2921378c28cace1ccfb2f7d3420c0f7059c9cbd7422095cbba43" @@ -273018,8 +273065,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sisoftware_Sandra_Sisoftwaresandra_0EAB : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4372-L4391" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4372-L4391" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "0eab16c7f54b61620277977f8c332737081a46bc6bbde50742b6904bdd54f502" logic_hash = "a4b1e73c5706e29fc31722f82bdf03c705a03821feb22da48c8c5d0d0f7f2dbb" score = 40 
@@ -273048,8 +273095,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Realtek_Rtkiosys_Realtekiodriver_8EF5 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4394-L4413" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4394-L4413" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "8ef59605ebb2cb259f19aba1a8c122629c224c58e603f270eaa72f516277620c" logic_hash = "d0b94553fb03576dea69fd13042db119825009c0a90ba111560102fed8bb3154" score = 40 @@ -273078,8 +273125,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_1F15 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4416-L4435" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4416-L4435" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "1f15fd9b81092a98fabcc4ac95e45cec2d9ff3874d2e3faac482f3e86edad441" logic_hash = "5eebc2d90e6d17134c100e4f04271f4e1f6546a6c74ef4737e60ec76d4fa8227" score = 40 
@@ -273108,8 +273155,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Insydesoftwarecorp_Segwindrvxsys_Segwindowsdrive date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4438-L4457" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4438-L4457" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "0452a6e8f00bae0b79335c1799a26b2b77d603451f2e6cc3b137ad91996d4dec" logic_hash = "3e5eddf984eb85a304bd19a444238850dc2d153f8e59bb215a08f781efc270c6" score = 40 @@ -273138,8 +273185,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_818E : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4460-L4479" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4460-L4479" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "818e396595d08d724666803cd29dac566dc7db23bf50e9919d04b33afa988c01" logic_hash = "de48cb605c339f13f94451361531ea2661d79311aacbb87878b24866766b6e3f" score = 40 
@@ -273168,8 +273215,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_6FFD : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4482-L4501" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4482-L4501" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "6ffdde6bc6784c13c601442e47157062941c47015891e7139c2aaba676ab59cc" logic_hash = "f8d629b1c9b785204c61c95ac83dc7516db14aa8abd68dc8cb5250d53408f20d" score = 40 @@ -273198,8 +273245,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Cpuid_Cpuzsys_Cpuidservice_7710 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4504-L4528" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4504-L4528" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "771015b2620942919bb2e0683476635b7a09db55216d6fbf03534cb18513b20c" hash = "8d57e416ea4bb855b78a2ff3c80de1dfbb5dc5ee9bfbdddb23e46bd8619287e2" hash = "6c5c6c350c8dd4ca90a8cca0ed1eeca185ebc67b1100935c8f03eb3032aca388" 
@@ -273233,8 +273280,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Razerinc_Rzpnk_Rzpnk_AD8F : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4531-L4551" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4531-L4551" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "ad8fd8300ed375e22463cea8767f68857d9a3b0ff8585fbeb60acef89bf4a7d7" hash = "0507d893e3fd2917c81c1dc13ccb22ae5402ab6ca9fb8d89485010838050d08d" logic_hash = "2cbeb5784c1f074b8d76d8f884e7529b8c137ff6b9df0320db677927766fcc70" @@ -273264,8 +273311,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Ludashicom_Computerzsys_71C0 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4554-L4578" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4554-L4578" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "71c0ce3d33352ba6a0fb26e274d0fa87dc756d2473e104e0f5a7d57fab8a5713" hash = "13ae3081393f8100cc491ebb88ba58f0491b3550787cf3fd25a73aa7ca0290d9" hash = "8781589c77df2330a0085866a455d3ef64e4771eb574a211849784fdfa765040" 
@@ -273299,8 +273346,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrserverddkprovider_Speedfansys_Windowsrse
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4581-L4600"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4581-L4600"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "22be050955347661685a4343c51f11c7811674e030386d2264cd12ecbf544b7c"
 logic_hash = "ce5fb5f559f97130403f8f4c22a2f223892ba46b1df9fd6a99624e879a3fcea3"
 score = 40
@@ -273329,8 +273376,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Openlibsysorg_Openlibsyssys_Openlibsys_9131 : FI
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4603-L4622"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4603-L4622"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "91314768da140999e682d2a290d48b78bb25a35525ea12c1b1f9634d14602b2c"
 logic_hash = "e61f4452ecae438072b37ae00ca67401541db0e8f6d5b0f1d697190fdff16d23"
 score = 40
@@ -273359,8 +273406,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Tgsoftsas_Viragtsys_Viritagentsystem_E4EC : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4625-L4644"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4625-L4644"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "e4eca7db365929ff7c5c785e2eab04ef8ec67ea9edcf7392f2b74eccd9449148"
 logic_hash = "08fa3c764599e1f0cb4e76b38b9d577a2fd70fb3f6f3e8e70eea65f0cf16d93a"
 score = 40
@@ -273389,8 +273436,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Asustekcomputerinc_Atsziosys_Atsziodriver_FB6B :
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4647-L4666"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4647-L4666"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "fb6b0d304433bf88cc7d57728683dbb4b9833459dc33528918ead09b3907ff22"
 logic_hash = "f62cc8ddd443bf196d36d5a3a2724aff4858fcc78abcdbb3cf7362228fde7a7b"
 score = 40
@@ -273419,8 +273466,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sysinternalswwwsysinternalscom_Procexpsys_Proces
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4669-L4689"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4669-L4689"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "075de997497262a9d105afeadaaefc6348b25ce0e0126505c24aa9396c251e85"
 hash = "cdfbe62ef515546f1728189260d0bdf77167063b6dbb77f1db6ed8b61145a2bc"
 logic_hash = "467c47d2a64332dc3b94a3b55655f0e0c4f10b19e8724718b8f2ccf97ffe6446"
@@ -273450,8 +273497,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Micsystechnologycoltd_Msiosys_Msiodriverversion_
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4692-L4713"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4692-L4713"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "ae42afa9be9aa6f6a5ae09fa9c05cd2dfb7861dc72d4fd8e0130e5843756c471"
 hash = "d636c011b8b2896572f5de260eb997182cc6955449b044a739bd19cbe6fdabd2"
 hash = "0f035948848432bc243704041739e49b528f35c82a5be922d9e3b8a4c44398ff"
@@ -273482,8 +273529,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Vektortsecurityservice_Vboxdrv_Antidetectpublic_
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4716-L4735"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4716-L4735"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "3724b39e97936bb20ada51c6119aded04530ed86f6b8d6b45fbfb2f3b9a4114b"
 logic_hash = "6c2a12c5866686cde0e621bd35b73079d7d37d5b5d4b42bb962435a73682c32b"
 score = 40
@@ -273512,8 +273559,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_2380 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4738-L4757"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4738-L4757"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "238046cfe126a1f8ab96d8b62f6aa5ec97bab830e2bae5b1b6ab2d31894c79e4"
 logic_hash = "7ac9c6ae541d6689a986d884e96f2f024a18736a59b02a1103e44538d725bb52"
 score = 40
@@ -273542,8 +273589,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Nvidiacorp_Nvoclocksys_Nvidiasystemutilitydriver
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4760-L4780"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4760-L4780"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "d7c90cf3fdbbd2f40fe6a39ad0bb2a9a97a0416354ea84db3aeff6d925d14df8"
 hash = "64a8e00570c68574b091ebdd5734b87f544fa59b75a4377966c661d0475d69a5"
 logic_hash = "1e5669c7c79c027bdef5dbd135b35ea4e9af8c164b6b8f027490e2fa49ebf904"
@@ -273573,8 +273620,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Cn_Computerzsys_A97B : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4783-L4803"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4783-L4803"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "a97b404aae301048e0600693457c3320d33f395e9312938831bc5a0e808f2e67"
 hash = "47c490cc83a17ff36a1a92e08d63e76edffba49c9577865315a6c9be6ba80a7d"
 logic_hash = "1b7961c9c0e0812fa68f330f45ba1834a246f3571e9086280b03c155865746e9"
@@ -273604,8 +273651,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Msi_Ntiolibxsys_Ntiolibx_1E8B : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4806-L4826"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4806-L4826"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "1e8b0c1966e566a523d652e00f7727d8b0663f1dfdce3b9a09b9adfaef48d8ee"
 hash = "5d530e111400785d183057113d70623e17af32931668ab7c7fc826f0fd4f91a3"
 logic_hash = "673d993f0ad7800551cfc11d73a38aa37b306902f2d28db4d5ec5f33bc51f21f"
@@ -273635,8 +273682,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Featureintegrationtechnologyinc_Fintekpciecom_81
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4829-L4848"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4829-L4848"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "81fbc9d02ef9e05602ea9c0804d423043d0ea5a06393c7ece3be03459f76a41d"
 hash = "ebf0e56a1941e3a6583aab4a735f1b04d4750228c18666925945ed9d7c9007e1"
 logic_hash = "24ae9365e55b29c55f83f944154f8fd4643c733f33cfb6542e9159b52acdb9c3"
@@ -273665,8 +273712,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sysinternalswwwsysinternalscom_Procexpsys_Proces
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4851-L4872"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4851-L4872"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "6bfc0f425de9f4e7480aa2d1f2e08892d0553ed0df1c31e9bf3d8d702f38fa2e"
 hash = "3c7e5b25a33a7805c999d318a9523fcae46695a89f55bbdb8bb9087360323dfc"
 hash = "46621554728bc55438c7c241137af401250f062edef6e7efecf1a6f0f6d0c1f7"
@@ -273697,8 +273744,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sysinternalswwwsysinternalscom_Procexpsys_Proces
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4875-L4894"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4875-L4894"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "7a48f92a9c2d95a72e18055cac28c1e7e6cad5f47aa735cbea5c3b82813ccfaf"
 logic_hash = "3827cad3f54342cba5e6cfc98b2e30522feb79ea8917d882b95dcc66863e389d"
 score = 40
@@ -273727,8 +273774,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Zemanaltd_Zam_45F4 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4897-L4913"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4897-L4913"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "45f42c5d874369d6be270ea27a5511efcca512aeac7977f83a51b7c4dee6b5ef"
 logic_hash = "539d1795ae819c2705e77cb41ec4248c7239ffa8cd805addbb9e5da5e98a83e2"
 score = 40
@@ -273754,8 +273801,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Intelcorporation_Iqvwsys_Intelriqvwsys_4D05 : FI
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4916-L4942"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4916-L4942"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "4d0580c20c1ba74cf90d44c82d040f0039542eea96e4bbff3996e6760f457cee"
 hash = "77c5e95b872b1d815d6d3ed28b399ca39f3427eeb0143f49982120ff732285a9"
 hash = "cff9aa9046bdfd781d34f607d901a431a51bb7e5f48f4f681cc743b2cdedc98c"
@@ -273791,8 +273838,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Aswarpotsys_Avastantivirus_86A1 :
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4945-L4964"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4945-L4964"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "86a1b1bacc0c51332c9979e6aad84b5fba335df6b9a096ccb7681ab0779a8882"
 logic_hash = "ed28688de49b089def60861ffe53f4e3a7f714b255035fdb19122375c83ebac2"
 score = 40
@@ -273821,8 +273868,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Aegis_61BE : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4967-L4986"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4967-L4986"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "61befeef14783eb0fed679fca179d2f5c33eb2dcbd40980669ca2ebeb3bf11cf"
 logic_hash = "70969db52d4e88e1662902634e0cb21c44ab694928e15e4bdaa9a1b2604146dd"
 score = 40
@@ -273851,8 +273898,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrserverddkprovider_Gdrvsys_Windowsrserver
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L4989-L5011"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L4989-L5011"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "88992ddcb9aaedb8bfcc9b4354138d1f7b0d7dddb9e7fcc28590f27824bee5c3"
 hash = "31f4cfb4c71da44120752721103a16512444c13c2ac2d857a7e6f13cb679b427"
 hash = "6f1fc8287dd8d724972d7a165683f2b2ad6837e16f09fe292714e8e38ecd1e38"
@@ -273884,8 +273931,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Filseclabcorporation_Fildds_Filseclabdynamicdefe
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5014-L5033"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5014-L5033"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "f8c07b6e2066a5a22a92d9f521ecdeb8c68698c400e4b83e0501b9f340957c22"
 logic_hash = "5eb7f097384c0e4b418611a37d6a03dc7a6ff21814716489bf35e0bd43f390cf"
 score = 40
@@ -273914,8 +273961,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Aswarpotsys_Avastantivirus_BE8D :
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5036-L5055"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5036-L5055"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "be8dd2d39a527649e34dc77ef8bc07193a4234b38597b8f51e519dadc5479ec2"
 logic_hash = "98be6af9aa551ba153413f75d4038b2840181418e0b8eba2cfcac2aa29a4460e"
 score = 40
@@ -273944,8 +273991,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_3E85 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5058-L5077"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5058-L5077"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "3e85cf32562a47d51827b21ab1e7f8c26c0dbd1cd86272f3cc64caae61a7e5fb"
 logic_hash = "23d11200a9d5ad71d8578e3ec3ac40ad6f7d9971177aa59a1ea6bac3de4f0b04"
 score = 40
@@ -273974,8 +274021,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Msi_Ntiolibsys_Ntiolib_3070 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5080-L5099"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5080-L5099"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "30706f110725199e338e9cc1c940d9a644d19a14f0eb8847712cba4cacda67ab"
 logic_hash = "05e9f35f83489d262ffece0c406eebf1b81514ea60278415fbc53adc0bc365fb"
 score = 40
@@ -274004,8 +274051,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Msi_Ntiolibsys_Ntiolib_CC58 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5102-L5121"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5102-L5121"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "cc586254e9e89e88334adee44e332166119307e79c2f18f6c2ab90ce8ba7fc9b"
 logic_hash = "8eb46633cce7959cfefbc65ede889c748a077cddc59fb79d87b54ddcd42ca524"
 score = 40
@@ -274034,8 +274081,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrcodenamelonghornddkprovider_Rtkiosys_Win
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5124-L5145"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5124-L5145"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "916c535957a3b8cbf3336b63b2260ea4055163a9e6b214f2a7005d6d36a4a677"
 hash = "caa85c44eb511377ea7426ff10df00a701c07ffb384eef8287636a4bca0b53ab"
 hash = "478917514be37b32d5ccf76e4009f6f952f39f5553953544f1b0688befd95e82"
@@ -274066,8 +274113,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Nmscommunications_Cgkwinksys_Ctaccess_223F : FIL
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5148-L5167"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5148-L5167"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "223f61c3f443c5047d1aeb905b0551005a426f084b7a50384905e7e4ecb761a1"
 logic_hash = "2ec82ad1a839ff65d3e8288ed161650bd678f8a201bb513bd869d1e9bcfb2a65"
 score = 40
@@ -274096,8 +274143,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_E4D9 : FI
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5170-L5189"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5170-L5189"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "e4d9f037411284e996a002b15b49bc227d085ee869ae1cd91ba54ff7c244f036"
 logic_hash = "e17c01d291e60fff225ee60e296450ab2d4a293084dc4c07de7347f55566d7ee"
 score = 40
@@ -274126,8 +274173,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Insydesoftwarecorp_Segwindrvxsys_Segwindowsdrive
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5192-L5211"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5192-L5211"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "b9ae1d53a464bc9bb86782ab6c55e2da8804c80a361139a82a6c8eef30fddd7c"
 logic_hash = "dac574b12f72b99fe66500edb6447802f95ad8d6c787ddbea69b36a1c0dfdab7"
 score = 40
@@ -274156,8 +274203,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrwinddkprovider_Cupfixerxsys_Windowsrwind
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5214-L5233"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5214-L5233"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "8c748ae5dcc10614cc134064c99367d28f3131d1f1dda0c9c29e99279dc1bdd9"
 logic_hash = "d0eb0738da64ce1a94278a422e829f01d1514ac4536fc2187aa5f4112b70f6e0"
 score = 40
@@ -274186,8 +274233,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Advancedmicrodevicesinc_Pdfwkrnlsys_Usbcpowerdel
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5236-L5256"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5236-L5256"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "0cf84400c09582ee2911a5b1582332c992d1cd29fcf811cb1dc00fcd61757db0"
 hash = "f190919f1668652249fa23d8c0455acbde9d344089fde96566239b1a18b91da2"
 logic_hash = "6497a69a7fd7502a78ec6d373a2b0bdc1da73bca4590a256f7094463e0f0b363"
@@ -274217,8 +274264,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Asustekcomputerinc_Eiosys_Asusvgakernelmodedrive
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5259-L5278"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5259-L5278"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "b17507a3246020fa0052a172485d7b3567e0161747927f2edf27c40e310852e0"
 logic_hash = "bfcaa037bc06303a0de6a0372cd9dd49bd9801610989df46ca19fd844b22560e"
 score = 40
@@ -274247,8 +274294,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Nvidiacorp_Nvoclocksys_Nvidiasystemutilitydriver
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5281-L5300"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5281-L5300"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "4d777a9e2c61e8b55b3c34c5265b301454bb080abe7ffb373e7800bd6a498f8d"
 logic_hash = "bed34d3bcb856628a688bb189f5bc1a0adf2384698ac28196fc5313e57387a1e"
 score = 40
@@ -274277,8 +274324,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_2AFD : FI
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5303-L5322"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5303-L5322"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "2afdb3278a7b57466a103024aef9ff7f41c73a19bab843a8ebf3d3c4d4e82b30"
 logic_hash = "a687639311529ca919f90d478ddbb39e441ce24a58be056af7a7108db3f11f25"
 score = 40
@@ -274307,8 +274354,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Cn_Computerzsys_00D9 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5325-L5344"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5325-L5344"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "00d9781d0823ab49505ef9c877aa6fa674e19ecc8b02c39ee2728f298bc92b03"
 logic_hash = "dd1b181f975ada1e7d1def32be88e41df2f994c698e794dc0fade119b0eabf2d"
 score = 40
@@ -274337,8 +274384,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrwinddkprovider_Dcprotectsys_Dcprotectrwi date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5347-L5366" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5347-L5366" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "c35cab244bd88bf0b1e7fc89c587d82763f66cf1108084713f867f72cc6f3633" logic_hash = "f9010e0f70eb1c94a1e41e5999623f5eeb6aff155c36cb7b17c196eb363a62c4" score = 40 @@ -274367,8 +274414,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Asustekcomputerinc_Iomapsys_Asuskernelmodedriver date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5369-L5388" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5369-L5388" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "ea85bbe63d6f66f7efee7007e770af820d57f914c7f179c5fee3ef2845f19c41" logic_hash = "f9ffedd3761c0cf68d5f862ceb8e22a61a5da73e757cf92317085b714656e139" score = 40 
@@ -274397,8 +274444,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Tgsoftsas_Viragtsys_Viritagentsystem_E05E : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5391-L5410" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5391-L5410" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "e05eeb2b8c18ad2cb2d1038c043d770a0d51b96b748bc34be3e7fc6f3790ce53" logic_hash = "94ee30a5cbd1ff47cddf35ec2205d9008857e87c457dce025501132231a146e4" score = 40 @@ -274427,8 +274474,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avgtechnologiesczsro_Aswarpotsys_Avginternetsecu date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5413-L5432" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5413-L5432" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "e4522e2cfa0b1f5d258a3cf85b87681d6969e0572f668024c465d635c236b5d9" logic_hash = "0a35b3e88bb078e61c2769267fdba624d171492b0e4d1c57ecf7ea770fa2f44d" score = 40 
@@ -274457,8 +274504,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Marvintestsolutionsinc_Hwsys_Hw_5596 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5435-L5455" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5435-L5455" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "55963284bbd5a3297f39f12f0d8a01ed99fe59d008561e3537bcd4db4b4268fa" hash = "4880f40f2e557cff38100620b9aa1a3a753cb693af16cd3d95841583edcb57a8" logic_hash = "fcfc255a20b512b38057022c05a694e757b08950d6d35b3c361b0559da51a689" @@ -274488,8 +274535,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Getactechnologycorporation_Mtcbsvsys_Getacsystem date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5458-L5477" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5458-L5477" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "e6023b8fd2ce4ad2f3005a53aa160772e43fe58da8e467bd05ab71f3335fb822" logic_hash = "6e220e39e765c6af5d2e80cce4a4a07b587ccd559e0cb455d56046cf4c2ff447" score = 40 
@@ -274518,8 +274565,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Genitlkiwibenjaminxxxxx_Titidrv_Titidrvtiticatz_ date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5480-L5499" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5480-L5499" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "208ea38734979aa2c86332eba1ea5269999227077ff110ac0a0d411073165f85" logic_hash = "c1a57d6f66fd8818dd72813a3bac78eab44b2b546f65a78864739cb55a258d39" score = 40 @@ -274548,8 +274595,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Advancedmicrodevicesinc_Pdfwkrnlsys_Usbcpowerdel date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5502-L5521" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5502-L5521" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "5df689a62003d26df4aefbaed41ec1205abbf3a2e18e1f1d51b97711e8fcdf00" logic_hash = "b560682fe9ed95a19df7dcc6ea823545d2303a51aaa06dc14e48c73f2e6fe8b7" score = 40 
@@ -274578,8 +274625,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_B9AD : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5524-L5543" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5524-L5543" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "b9ad7199c00d477ebbc15f2dcf78a6ba60c2670dad0ef0994cebccb19111f890" logic_hash = "c8efd23f9fb60831cede71737c5d1e62d94f3b44a2b3da7f29db06ca4599821d" score = 40 @@ -274608,8 +274655,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Cn_Computerzsys_348D : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5546-L5566" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5546-L5566" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "348dc502ac57d7362c7f222e656c52e630c90bef92217a3bd20e49193b5a69f1" hash = "c186967cc4f2a0cb853c9796d3ea416d233e48e735f02b1bb013967964e89778" logic_hash = "435219f0b49a009eb42ffa096c4acefc48f85d03a8656d5142df20deee19cf08" 
@@ -274639,8 +274686,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Mydriverscom_Hwm_Drivergenius_08EB : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5569-L5588" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5569-L5588" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "08eb2d2aa25c5f0af4e72a7e0126735536f6c2c05e9c7437282171afe5e322c6" logic_hash = "2371de5547217734226420bbbee12dee897206bd2419387d2c2fc2ae07df7fec" score = 40 @@ -274669,8 +274716,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sisoftware_Sandra_Sisoftwaresandra_3E27 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5591-L5610" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5591-L5610" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "3e274df646f191d2705c0beaa35eeea84808593c3b333809f13632782e27ad75" logic_hash = "18affdea7f982e47ca4852d9a4a28797a1ca3175c404c8e5c316ee3a610cf858" score = 40 
@@ -274699,8 +274746,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Evgatechnologyinc_Windowsvistasmartiodevice_Wind date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5613-L5632" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5613-L5632" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "3c95ebf3f1a87f67d2861dbd1c85dc26c118610af0c9fbf4180428e653ac3e50" logic_hash = "e0bf6bd64e91baa27e1181223cba6f4975b5b5a9fd9918d4c65180ed584b319b" score = 40 @@ -274729,8 +274776,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_033C : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5635-L5654" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5635-L5654" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "033c4634ab1a43bc3247384864f3380401d3b4006a383312193799dded0de4c7" logic_hash = "fea547a999db61dd4c87d648d8e0e1a50f9c677439d514cfdd0a75a5a6da4c8f" score = 40 
@@ -274759,8 +274806,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sunmicrosystemsinc_Vboxusbsys_Virtualboxusbdrive date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5657-L5676" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5657-L5676" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "5b26c4678ecd37d1829513f41ff9e9df9ef1d1d6fea9e3d477353c90cc915291" logic_hash = "49554df6ecdbfafbb3cf8f78cdece896830dd842cf1cae1129f11eb69a3588c4" score = 40 @@ -274789,8 +274836,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Aswarpot_Avastantivirus_3B6E : FIL date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5679-L5698" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5679-L5698" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "3b6e85c8fed9e39b21b2eab0b69bc464272b2c92961510c36e2e2df7aa39861b" logic_hash = "f3736282399849376632ee9392bf679779cecbb76fa7bd8ccaff0b787a3370f5" score = 40 
@@ -274819,8 +274866,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_7C73 : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5701-L5721" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5701-L5721" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "7c731c0ea7f28671ab7787800db69739ea5cd6be16ea21045b4580cf95cbf73b" hash = "fca10cde7d331b7f614118682d834d46125a65888e97bd9fda2df3f15797166c" logic_hash = "9e024ac35be2fe02ecaae96f3cfbbae60b4032986f22710809699049456e979c" @@ -274850,8 +274897,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Wistroncorporation_Wirwadrvsys_Wistronrwadriver_ date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5724-L5743" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5724-L5743" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "d8fc8e3a1348393c5d7c3a84bcbae383d85a4721a751ad7afac5428e5e579b4e" logic_hash = "e991957205079fb282f9fb248637d4723c940a7e9ab708e68082e99adbed647c" score = 40 
@@ -274880,8 +274927,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Aswarpotsys_Avastantivirus_1A42 : date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5746-L5765" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5746-L5765" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "1a42ebde59e8f63804eaa404f79ee93a16bb33d27fb158c6bfbe6143226899a0" logic_hash = "bfd4ff6c58d83e8d09d43d75e655993319283d0a41407d20417011d663791fd3" score = 40 @@ -274910,8 +274957,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Ludashicom_Computerzsys_F14D : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5768-L5788" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5768-L5788" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "f14da8aa5c8eea8df63cf935481d673fdf3847f5701c310abf4023f9d80ad57d" hash = "c6a5663f20e5cee2c92dee43a0f2868fb0af299f842410f4473dcde7abcb6413" logic_hash = "6d1a98e8b5ab416446cf15cf15a2bad93dfbe9b984b40f5fae523e17e6eb5caa" 
@@ -274941,8 +274988,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_EC5F : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5791-L5810" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5791-L5810" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "ec5fac0b6bb267a2bd10fc80c8cca6718439d56e82e053d3ff799ce5f3475db5" logic_hash = "74fad50be13de00367a5cecb25f7e3feb53f5e8553fac8cd32edc500a91aad88" score = 40 @@ -274971,8 +275018,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avgtechnologiesczsro_Aswarpot_Avginternetsecurit date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5813-L5832" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5813-L5832" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "34e0364a4952d914f23f271d36e11161fb6bb7b64aea22ff965a967825a4a4bf" logic_hash = "a2f304406595b6cad63dbc83f32f1a35477d022fe5cad1c11ac9746d3775199d" score = 40 
@@ -275001,8 +275048,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Msi_Ntiolibsys_Ntiolib_D0BD : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5835-L5854" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5835-L5854" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "d0bd1ae72aeb5f3eabf1531a635f990e5eaae7fdd560342f915f723766c80889" logic_hash = "c285e87a94025916ed6d3fac65761d1ca4bef13102a0a37b256525bf651bd16c" score = 40 @@ -275031,8 +275078,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrwinddkprovider_Atlaccesssys_Windowsrwind date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5857-L5876" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5857-L5876" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "0b57569aaa0f4789d9642dd2189b0a82466b80ad32ff35f88127210ed105fe57" logic_hash = "93d5121da2037ffcc961550b6859bff4257f56b783d7c49e442dc97a3f9257ae" score = 40 
@@ -275061,8 +275108,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Nvidiacorp_Nvoclocksys_Nvidiasystemutilitydriver date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5879-L5898" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5879-L5898" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "909f6c4b8f779df01ef91e549679aa4600223ac75bc7f3a3a79a37cee2326e77" logic_hash = "4e4a093fcdd97298aa6ead7c4412263837a7403f87b4d8f72e6ea27bc6f4d15f" score = 40 @@ -275091,8 +275138,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Zemanaltd_Zam_3C18 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5901-L5917" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5901-L5917" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "3c18ae965fba56d09a65770b4d8da54ccd7801f979d3ebd283397bc99646004b" logic_hash = "4f958ccb21b5cbd28c25a9c2e1a08fcf00e24bfa9e7814b9e68b87814dd04f4c" score = 40 
@@ -275118,8 +275165,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Tgsoftsas_Viragtsys_Viritagentsystem_2B4C : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5920-L5939" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5920-L5939" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "2b4c7d3820fe08400a7791e2556132b902a9bbadc1942de57077ecb9d21bf47a" logic_hash = "3db68ef927d373e7774d52bbf1dccfa2960b4bb1b42a32a181ad9e1f00458f23" score = 40 @@ -275148,8 +275195,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Innotekgmbh_Iprt_Virtualboxguestadditions_BBF5 : date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5942-L5961" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5942-L5961" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "bbf564a02784d53b8006333406807c3539ee4a594585b1f3713325904cb730ec" logic_hash = "7f5480d84195854bdc5c7554495e0ecd9b69b9c527152def1e85fd61084fd22d" score = 40 
@@ -275178,8 +275225,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Tenasyscorporation_Rtifsys_Intime_9399 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5964-L5984" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5964-L5984" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "9399f35b90f09b41f9eeda55c8e37f6d1cb22de6e224e54567d1f0865a718727" hash = "a66b4420fa1df81a517e2bbea1a414b57721c67a4aa1df1967894f77e81d036e" logic_hash = "92139b7123c13dc80c1671b92ad6d1c6d6f4d02e1a3bc07e95cac27c7d43df66" @@ -275209,8 +275256,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Dtresearchinc_Iomemsys_Iomemsys_3D23 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L5987-L6006" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L5987-L6006" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "3d23bdbaf9905259d858df5bf991eb23d2dc9f4ecda7f9f77839691acef1b8c4" logic_hash = "4f494f3f2367bbc5751a09b79775ea61f62986b82375c8c98bf6a77203174be1" score = 40 
@@ -275239,8 +275286,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sisoftware_Sandra_Sisoftwaresandra_496F : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6009-L6028" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6009-L6028" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "496f4a4021226fb0f1b5f71a7634c84114c29faa308746a12c2414adb6b2a40b" logic_hash = "405e7a16f8290d1d5462227ccf7d42e137bc98f084c9d5763b000d101e615c6a" score = 40 @@ -275269,8 +275316,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sysinternalswwwsysinternalscom_Procexpsys_Proces date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6031-L6051" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6031-L6051" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "1b00d6e5d40b1b84ca63da0e99246574cdd2a533122bc83746f06c0d66e63a6e" hash = "51e91dd108d974ae809e5fc23f6fbd16e13f672f86aa594dae4a5c4bc629b0b5" logic_hash = "191ef735b2fa7cf3c1e0ae1a28e7996580ed2094d214f2ce7b42d856b119eb5e" 
@@ -275300,8 +275347,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Multitheftauto_Mtasanandreas_9F4C : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6054-L6071" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6054-L6071" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "9f4ce6ab5e8d44f355426d9a6ab79833709f39b300733b5b251a0766e895e0e5" logic_hash = "b8c423a00732d4e0fb4c45c64a6794a466e604feb9d455bc110cf5169f95ab55" score = 40 @@ -275328,8 +275375,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Aswarpotsys_Avastantivirus_2732 : date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6074-L6093" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6074-L6093" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "2732050a7d836ae0bdc5c0aea4cdf8ce205618c3e7f613b8139c176e86476d0c" logic_hash = "17723afb429fe90b2e49d61676c6564ce94547b55be45ea6a66cf8d2edcdc49b" score = 40 
@@ -275358,8 +275405,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Novellinc_Novellxtier_A153 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6096-L6116"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6096-L6116"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "a15325e9e6b8e4192291deb56c20c558dde3f96eb682c6e90952844edb984a00"
 hash = "e728b259113d772b4e96466ab8fe18980f37c36f187b286361c852bd88101717"
 hash = "4c859b3d11d2ff0049b644a19f3a316a8ca1a4995aa9c39991a7bde8d4f426a4"
@@ -275389,8 +275436,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Ludashicom_Computerzsys_3F36 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6119-L6139"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6119-L6139"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "3f3684a37b2645fa6827943d9812ffc2d83e89e962935b29874bec7c3714a06f"
 hash = "37d999df20c1a0b8ffaef9484c213a97b9987ed308b4ba07316a6013fbd31c60"
 logic_hash = "c82730df0e7b53c67478f3fa01728841eb3794354c3233b87fe342e652fadb2e"
@@ -275420,8 +275467,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Realixtm_Hwinfosys_Hwinfokerneldriver_7702 : FIL
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6142-L6161"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6142-L6161"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "7702f240800528d8186e3e6a26e2680486fed65a6fb5a2a000ad12c1fb61a398"
 logic_hash = "c2f1170c6fc0353b99f0c0487937d05cba9a79c3b70eafa1895999074c6c4972"
 score = 40
@@ -275450,8 +275497,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Tgsoftsas_Viragtsys_Viritagentsystem_EF6D : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6164-L6183"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6164-L6183"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "ef6d3c00f9d0aa31a218094480299ef73fc85146adf62fd0c2f4f88972c5c850"
 logic_hash = "aff0eae9976189fe89534f7c3f1a35f093627f71d2c65aa446da85185f972bea"
 score = 40
@@ -275480,8 +275527,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Microfocus_Microfocusxtier_95D5 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6186-L6204"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6186-L6204"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "95d50c69cdbf10c9c9d61e64fe864ac91e6f6caa637d128eb20e1d3510e776d3"
 logic_hash = "070ce1aff2ca552a049602c694e77bd89caa4f6712d86671e21745d9d88f3bc3"
 score = 40
@@ -275509,8 +275556,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Z_Computerzsys_Zwuqisystemdriver_61E7 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6207-L6226"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6207-L6226"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "61e7f9a91ef25529d85b22c39e830078b96f40b94d00756595dded9d1a8f6629"
 logic_hash = "891a11f7f82c6aaa05801bdf0fd82d9786ec1e35c6d699119a801d5cc8e1fe24"
 score = 40
@@ -275539,8 +275586,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Realixtm_Hwinfosys_Hwinfokerneldriver_8DCE : FIL
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6229-L6248"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6229-L6248"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "8dcec67a1f4903981c3e0ab938784c2f241e041e26748e1c22059e0e507cfb37"
 logic_hash = "4900c684a248338e686b0da0288fe2937cf5d0f5e453419b6f8091c2fc7fc061"
 score = 40
@@ -275569,8 +275616,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_E3EF : FI
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6251-L6270"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6251-L6270"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "e3eff841ea0f2786e5e0fed2744c0829719ad711fc9258eeaf81ed65a52a8918"
 logic_hash = "50c225f42f3b7ac785d01cc9ad5542ac2e12d26e707d0ed5b8c5415d981479bc"
 score = 40
@@ -275599,8 +275646,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Arthurliberman_Alsysiosys_Alsysio_7F37 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6273-L6292"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6273-L6292"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "7f375639a0df7fe51e5518cf87c3f513c55bc117db47d28da8c615642eb18bfa"
 logic_hash = "5e796e1ebc587faf2f8255e6229fe4f97f781fd66100398561703320d34728c1"
 score = 40
@@ -275629,8 +275676,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Panyazilimbilisimteknolojileriticltdsti_Paniosys
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6295-L6314"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6295-L6314"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "f596e64f4c5d7c37a00493728d8756b243cfdc11e3372d6d6dfeffc13c9ab960"
 logic_hash = "5694c7f1a74ffd5cdaa143bc563939589305450c3ee24c758fb7379b79f73764"
 score = 40
@@ -275659,8 +275706,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Novellinc_Novellxtier_6C5A : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6317-L6336"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6317-L6336"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "6c5aef14613b8471f5f4fdeb9f25b5907c2335a4bc18b3c2266fb1ffd8f1741d"
 hash = "ec1307356828426d60eab78ffb5fc48a06a389dea6e7cc13621f1fa82858a613"
 logic_hash = "02155af4ab432fbbec1bf582fa8161eb2e39c258bb0f67fcc7054d2f3c8a46be"
@@ -275689,8 +275736,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Aswarpot_Avastantivirus_1768 : FIL
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6339-L6358"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6339-L6358"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "17687cba00ec2c9036dd3cb5430aa1f4851e64990dafb4c8f06d88de5283d6ca"
 logic_hash = "5fb10d691fda963001b9a3c07b22db5e63beef984f26bc7d31ad98a1524ce5ff"
 score = 40
@@ -275719,8 +275766,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Cn_Computerzsys_3913 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6361-L6382"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6361-L6382"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "39134750f909987f6ebb46cf37519bb80707be0ca2017f3735018bac795a3f8d"
 hash = "a34e45e5bbec861e937aefb3cbb7c8818f72df2082029e43264c2b361424cbb1"
 hash = "3e758221506628b116e88c14e71be99940894663013df3cf1a9e0b6fb18852b9"
@@ -275751,8 +275798,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Cn_Computerzsys_767E : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6385-L6405"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6385-L6405"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "767ef5c831f92d92f2bfc3e6ea7fd76d11999eeea24cb464fd62e73132ed564b"
 hash = "d9a73df5ac5c68ef5b37a67e5e649332da0f649c3bb6828f70b65c0a2e7d3a23"
 logic_hash = "624a88bcb301508151c2afdd1d5f076d04e2941dc2178b931f9dcfe3d63ab47d"
@@ -275782,8 +275829,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avgtechnologiesczsro_Aswarpotsys_Avginternetsecu
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6408-L6427"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6408-L6427"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "9a54ef5cfbe6db599322967ee2c84db7daabcb468be10a3ccfcaa0f64d9173c7"
 logic_hash = "a520f2236b800f2dd2b8ac9963b8e9ba3ce782cca2c1b2835540899da65168b5"
 score = 40
@@ -275812,8 +275859,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Oti_Otipcibussys_Kernelmodedrivertoaccessphysica
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6430-L6448"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6430-L6448"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "4e3eb5b9bce2fd9f6878ae36288211f0997f6149aa8c290ed91228ba4cdfae80"
 logic_hash = "ef5cb96dc4f6eaaf24fe9d0a65ccb5efe54cb672a9328b9dc2bbc36af82d96e2"
 score = 40
@@ -275841,8 +275888,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Aswarpotsys_Avastantivirus_DCB8 :
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6451-L6470"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6451-L6470"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "dcb815eb8e9016608d0d917101b6af8c84b96fb709dc0344bceed02cbc4ed258"
 logic_hash = "80b8d0833d2e3675c5a1105725ef61e6914774019d4499c752a25b628a985274"
 score = 40
@@ -275871,8 +275918,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Micsystechnologycoltd_Msiosys_Msiodriverversion_
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6473-L6492"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6473-L6492"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "cfcf32f5662791f1f22a77acb6dddfbc970fe6e99506969b3ea67c03f67687ab"
 logic_hash = "2dd35edfdf8b82b650278186df087c5ae103f3b807faf30c72278521ff56224b"
 score = 40
@@ -275901,8 +275948,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrwinddkprovider_Dcprotectsys_Dcprotectrwi
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6495-L6514"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6495-L6514"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "f8d45fa03f56e2ea14920b902856666b8d44f1f1b16644baf8c1ae9a61851fb6"
 logic_hash = "522145d0081891d18a0c1e657ca6228962e97325697b556d97a4fe311efa3aee"
 score = 40
@@ -275931,8 +275978,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Ngiodriversys_Avastng_D0E4 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6517-L6537"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6517-L6537"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "d0e4d3e1f5d5942aaf2c72631e9490eecc4d295ee78c323d8fe05092e5b788eb"
 hash = "2ad8c38f6e0ca6c93abe3228c8a5d4299430ce0a2eeb80c914326c75ba8a33f9"
 logic_hash = "6a29c44686032d2367b1b4b9ef342239b9490e48ba1cc5f862b66f3de6a3f4b2"
@@ -275962,8 +276009,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Nvidiacorp_Nvoclocksys_Nvidiasystemutilitydriver
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6540-L6560"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6540-L6560"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "77da3e8c5d70978b287d433ae1e1236c895b530a8e1475a9a190cdcc06711d2f"
 hash = "837d3b67d3e66ef1674c9f1a47046e1617ed13f73ee08441d95a6de3d73ee9f2"
 logic_hash = "a2918e4ffce0affe25aa7b8793c19dfa61da8321b35cb91600d0a5552e14fef6"
@@ -275993,8 +276040,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Ludashicom_Computerzsys_0368 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6563-L6583"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6563-L6583"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "03680068ec41bbe725e1ed2042b63b82391f792e8e21e45dc114618641611d5d"
 hash = "66f851b309bada6d3e4b211baa23b534165b29ba16b5cbf5e8f44eaeb3ca86ea"
 logic_hash = "67626089334102cf852d0863b58a29562dda673b6601a90b13d97a2380a4295c"
@@ -276024,8 +276071,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Nvidiacorp_Nvoclocksys_Nvidiasystemutilitydriver
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6586-L6605"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6586-L6605"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "b0dcdbdc62949c981c4fc04ccea64be008676d23506fc05637d9686151a4b77f"
 logic_hash = "13f4cfb57115eab4850771248b479f523f3c6d9a25a21b16ce224ab783dd4abc"
 score = 40
@@ -276054,8 +276101,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Radiantsystemsinc_Radhwmgrsys_Radiantsystemsinch
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6608-L6627"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6608-L6627"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "7c79e5196c2f51d2ab16e40b9d5725a8bf6ae0aaa70b02377aedc0f4e93ca37f"
 logic_hash = "1e60cfe82a13e311e8dc98cb4da82f0f1aecc606aaa5c57cda445228e78acd6b"
 score = 40
@@ -276084,8 +276131,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Dtresearchinc_Iomemsys_Iomemsys_DD4A : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6630-L6649"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6630-L6649"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "dd4a1253d47de14ef83f1bc8b40816a86ccf90d1e624c5adf9203ae9d51d4097"
 logic_hash = "f04d75e5ff735d30d5bb3959722a5162b1ab7ce4db8d05a2007f98fc901b2179"
 score = 40
@@ -276114,8 +276161,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Pchuntersys_Pchunter_1B7F : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6652-L6671"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6652-L6671"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "1b7fb154a7b7903a3c81f12f4b094f24a3c60a6a8cffca894c67c264ab7545fa"
 logic_hash = "54232c91f0f6d119ece865269eec9d5ea885c8dd0119a0eecd889a405af828a0"
 score = 40
@@ -276144,8 +276191,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Aswarpotsys_Avastantivirus_6500 :
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6674-L6693"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6674-L6693"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "65008817eb97635826a8708a6411d7b50f762bab81304e457119d669382944c3"
 logic_hash = "a3a2b21c9a58fee77857f3074fe6b69506eecb2627d93f1ea3a51c4cccdd2bab"
 score = 40
@@ -276174,8 +276221,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Cn_Computerzsys_0FC3 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6696-L6716"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6696-L6716"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "0fc3bc6e81b04dcaa349f59f04d6c85c55a2fea5db8fa0ba53d3096a040ce5a7"
 hash = "40eef1f52c7b81750cee2b74b5d2f4155d4e58bdde5e18ea612ab09ed0864554"
 logic_hash = "56d3b62717fae240ed7c6becfd6523962bb536fe4f7746e7c80f97851fe30501"
@@ -276205,8 +276252,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Netfiltersys_EDC6 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6719-L6740"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6719-L6740"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "edc6e32e3545f859e5b49ece1cabd13623122c1f03a2f7454a61034b3ff577ed"
 hash = "79e7165e626c7bde546cd1bea4b9ec206de8bed7821479856bdb0a2adc3e3617"
 hash = "18b923b169b2c3c7db5cbfda0db0999f04adb2cf6c917e5b1fb2ff04714ecac1"
@@ -276237,8 +276284,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Zemanaltd_Zam_E428 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6743-L6759"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6743-L6759"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "e428ddf9afc9b2d11e2271f0a67a2d6638b860c2c12d4b8cc63d33f3349ee93f"
 logic_hash = "8bd47884d13cfc03ececb849688a1c843c4de684a6d32923493f9d0af3d33b7b"
 score = 40
@@ -276264,8 +276311,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrserverddkprovider_Cpuzsys_Windowsrserver
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6762-L6781"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6762-L6781"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "be683cd38e64280567c59f7dc0a45570abcb8a75f1d894853bbbd25675b4adf7"
 logic_hash = "6fc3676bace692d3c83f0ccebe39be7d9dec3965935a8cf8971594fd6c206b90"
 score = 40
@@ -276294,8 +276341,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_0909 : FI
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6784-L6803"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6784-L6803"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "0909005d625866ef8ccd8ae8af5745a469f4f70561b644d6e38b80bccb53eb06"
 logic_hash = "f224ce42de29a91805c38c230c5b311878339c20d18bcd482b5738f246b12cbc"
 score = 40
@@ -276324,8 +276371,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Nvidiacorp_Nvoclocksys_Nvidiasystemutilitydriver
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6806-L6826"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6806-L6826"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "3cb111fdedc32f2f253aacde4372b710035c8652eb3586553652477a521c9284"
 hash = "9bfd24947052bfe9f2979113a7941e40bd7e3a82eaa081a32ad4064159f07c91"
 logic_hash = "cb6f7a26f4564d7a60a8dee25f5018fd4f3b4decfef6dfdb0d0b2f1df982adf7"
@@ -276355,8 +276402,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Watchdogdevelopmentcomllc_Wsdkdsys_Wsdkd_6278 :
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6829-L6848"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6829-L6848"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "6278bc785113831b2ec3368e2c9c9e89e8aca49085a59d8d38dac651471d6440"
 logic_hash = "3df6c8424981c50e765d8730f702b2a541b4e7312eea2ae27518d0958531f3e0"
 score = 40
@@ -276385,8 +276432,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Huawei_Hwosec_Huaweimatebook_B179 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6851-L6871"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6851-L6871"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "b179e1ab6dc0b1aee783adbcad4ad6bb75a8a64cb798f30c0dd2ee8aaf43e6de"
 hash = "bb1135b51acca8348d285dc5461d10e8f57260e7d0c8cc4a092734d53fc40cbc"
 logic_hash = "6c35f9cdd6d48a5804a95bbfd15564e1b9d145b121a72df7fe345ede0c2eed26"
@@ -276416,8 +276463,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Hpinc_Hpportioxsys_Hpportio_A468 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6874-L6892" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6874-L6892" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "a4680fabf606d6580893434e81c130ff7ec9467a15e6534692443465f264d3c9" logic_hash = "a1e7828c2e39afe4279e6c9b5d34263478919336ed6b7d01bb45b1fdb2032878" score = 40 @@ -276445,8 +276492,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Zemanaltd_Zam_7661 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6895-L6911" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6895-L6911" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "76614f2e372f33100a8d92bf372cdbc1e183930ca747eed0b0cf2501293b990a" logic_hash = "8428303996166eb968534f192a1e15cc374ed412b8915b41a323fcf6d8bd238c" score = 40 
@@ -276472,8 +276519,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Gigabytetechnologycoltd_Gdrvsys_Gigabytesoftware date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6914-L6933" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6914-L6933" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "8b92cdb91a2e2fab3881d54f5862e723826b759749f837a11c9e9d85d52095a2" logic_hash = "565bd93231c1cffbb52efc9fedae7c41593ba93a2540dadf199806793359f67d" score = 40 @@ -276502,8 +276549,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sisoftware_Sandra_Sisoftwaresandra_881B : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6936-L6955" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6936-L6955" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "881bca6dc2dafe1ae18aeb59216af939a3ac37248c13ed42ad0e1048a3855461" logic_hash = "0d1427a94c21e7055a8d3d1e23e0ee3c513030530c15778eed40283979dba6f9" score = 40 
@@ -276532,8 +276579,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_5192 : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6958-L6977" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6958-L6977" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "5192ec4501d0fe0b1c8f7bf9b778f7524a7a70a26bbbb66e5dab8480f6fdbb8b" logic_hash = "39194a4e7085e17fef079075949360155d6ce279e3bc1a92f1b3a12b70e7f15c" score = 40 @@ -276562,8 +276609,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Radiantsystemsinc_Radhwmgrsys_Radiantsystemsinch date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L6980-L7000" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L6980-L7000" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "0f30ecd4faec147a2335a4fc031c8a1ac9310c35339ebeb651eb1429421951a0" hash = "903d6d71da64566b1d9c32d4fb1a1491e9f91006ad2281bb91d4f1ee9567ef7b" logic_hash = "09782a4b713c385896e9793c7fe4771ad00b8736e44c2639f94239751cf17222" 
@@ -276593,8 +276640,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Insydesoftware_Insydeflash_Insydeflashutilitybit date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7003-L7022" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7003-L7022" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "ce0a4430d090ba2f1b46abeaae0cb5fd176ac39a236888fa363bf6f9fd6036d9" logic_hash = "ba20c0a151a7e6ef4c2e70426cf4132d9c30f40b6a91e4402e20d15201b6c56e" score = 40 @@ -276623,8 +276670,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_80A5 : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7025-L7044" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7025-L7044" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "80a59ca71fc20961ccafc0686051e86ae4afbbd4578cb26ad4570b9207651085" logic_hash = "f736ac96f1efde446400aaa49fba7cc84a0a10b3425561f67811da86dbee14a8" score = 40 
@@ -276653,8 +276700,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Microfocus_Microfocusxtier_5351 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7047-L7065" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7047-L7065" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "5351c81b4ec5a0d79c39d24bac7600d10eac30c13546fde43d23636b3f421e7c" logic_hash = "efbf3fd36c3ca5c2b95796cdaefb175ad1957866649e73366a1d6810cbcb5e81" score = 40 @@ -276682,8 +276729,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sunmicrosystemsinc_Vboxdrvsys_Sunvirtualbox_R_78 date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7068-L7088" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7068-L7088" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "78827fa00ea48d96ac9af8d1c1e317d02ce11793e7f7f6e4c7aac7b5d7dd490f" hash = "c26b51b4c37330800cff8519252e110116c3aaade94ceb9894ec5bfb1b8f9924" logic_hash = "5e95853e7a2013132a6565b5908475e6369a56ff6c58f0e10c875b72b15b2523" 
@@ -276713,8 +276760,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Corsairmemoryinc_Corsairllaccess_Corsairllaccess date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7091-L7111" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7091-L7111" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "5fad3775feb8b6f6dcbd1642ae6b6a565ff7b64eadfc9bf9777918b51696ab36" hash = "29a90ae1dcee66335ece4287a06482716530509912be863c85a2a03a6450a5b6" logic_hash = "5dc9ec007f318b16034b43248be9807c024780aa58eb714982130656e7f2b6a6" 
@@ -276744,8 +276791,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Razerinc_Rzpnk_Rzpnk_16E2 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7114-L7134" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7114-L7134" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "16e2b071991b470a76dff4b6312d3c7e2133ad9ac4b6a62dda4e32281952fb23" hash = "0c925468c3376458d0e1ec65e097bd1a81a03901035c0195e8f6ef904ef3f901" logic_hash = "162cf712c505520635388ec61c69165a2fff8704c7edef58c63cc8cbcc624e0d" 
@@ -276775,8 +276822,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Nvidiacorp_Nvoclocksys_Nvidiasystemutilitydriver date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7137-L7157" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7137-L7157" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "060d25126e45309414b380ee29f900840b689eae4217a8e621563f130c1d457f" hash = "b8321471be85dc8a67ac18a2460cab50e7c41cb47252f9a7278b1e69d6970f25" logic_hash = "f7a87edc0403a7b8273256805bb8c7aadadde8143db84be9b3968ef67cf3c1c4" 
@@ -276806,8 +276853,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Ludashicom_Computerzsys_7553 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7160-L7180" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7160-L7180" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "7553c76b006bd2c75af4e4ee00a02279d3f1f5d691e7dbdc955eac46fd3614c3" hash = "64dddd5ac53fe2c9de2b317c09034d1bccaf21d6c03ccfde3518e5aa3623dd66" logic_hash = "e60b387fe83bffdd1411f3b8fb491f0b60ff0de3eac87c9c5ee8c55ca6c48afc" 
@@ -276837,8 +276884,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Overclockingtool_Atillksys_Overclockingtool_11A9 date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7183-L7203" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7183-L7203" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "11a9787831ac4f0657aeb5e7019c23acc39d8833faf28f85bd10d7590ea4cc5f" hash = "d2182b6ef3255c7c1a69223cd3c2d68eb8ba3112ce433cd49cd803dc76412d4b" logic_hash = "07b8fb1b1b86b58a6fb7f18f3b1b70eee5826fa5c629a8cef1b97afbae7ea7c3" @@ -276868,8 +276915,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Tgsoftsas_Viragtsys_Viritagentsystem_2A62 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7206-L7225" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7206-L7225" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "2a6212f3b68a6f263e96420b3607b31cfdfe51afff516f3c87d27bf8a89721e8" logic_hash = "5fae0a4ba7d11e3714baab3417a1bdd9fff6275fa9347c0389d8627374533bbf" score = 40 
@@ -276898,8 +276945,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Aswarpotsys_Avastantivirus_AAA3 : date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7228-L7247" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7228-L7247" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "aaa3459bcac25423f78ed72dbae4d7ef19e7c5c65770cbe5210b14e33cd1816c" logic_hash = "bb87661658fa874985bbe1050c19eb8ea9136ec62c224d53cd4920866e6a6b1f" score = 40 @@ -276928,8 +276975,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Aswvmmsys_Avastantivirus_3650 : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7250-L7269" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7250-L7269" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "36505921af5a09175395ebaea29c72b2a69a3a9204384a767a5be8a721f31b10" logic_hash = "afe8e12664ee9061c2b2ecdcaaef0c38ece604d050e31b46208f9a22545042ca" score = 40 
@@ -276958,8 +277005,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Gigabytetechnologycoltd_Gdrvsys_Gdrv_FF67 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7272-L7291" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7272-L7291" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "ff6729518a380bf57f1bc6f1ec0aa7f3012e1618b8d9b0f31a61d299ee2b4339" logic_hash = "18c40b7312d0b65d83287e452e8b9429eaed36245d17ef1b82ec04a968303a39" score = 40 @@ -276988,8 +277035,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sysinternalswwwsysinternalscom_Procexpsys_Proces date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7294-L7313" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7294-L7313" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "440883cd9d6a76db5e53517d0ec7fe13d5a50d2f6a7f91ecfc863bc3490e4f5c" logic_hash = "b038dcb0a536e16d71035d11537757f529589a435616abacd94aadd5663c2a17" score = 40 
@@ -277018,8 +277065,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Rivetnetworksllc_Kfecodrvsys_Killertrafficcontro date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7316-L7335" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7316-L7335" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "b583414fcee280128788f7b39451c511376fe821f455d4f3702795e96d560704" logic_hash = "d4f37a4c7014694cfcf57c11ee9d41edec1b6fa77a564341663c3411764dbcda" score = 40 @@ -277048,8 +277095,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Nvidiacorp_Nvoclocksys_Nvidiasystemutilitydriver date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7338-L7357" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7338-L7357" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "3d008e636e74c846fe7c00f90089ff725561cb3d49ce3253f2bbfbc939bbfcb2" logic_hash = "d52c104de520b575b404d320a8ec762a146da8cc0567b5f30dc8594b7a1742ef" score = 40 
@@ -277078,8 +277125,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroaegis_ED2F : F date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7360-L7379" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7360-L7379" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "ed2f33452ec32830ffef2d5dc832985db9600c306ed890c47f3f33ccbb335c39" logic_hash = "1da8ef4d1877ba9d2c31d994735f6395367de990be6c875c0cba37654ee39ad3" score = 40 @@ -277108,8 +277155,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Msi_Ntiolibxsys_Ntiolib_09BE : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7382-L7401" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7382-L7401" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "09bedbf7a41e0f8dabe4f41d331db58373ce15b2e9204540873a1884f38bdde1" logic_hash = "23f5a77bae75d686a980e65dd6efe4ad216a60d75631fed169a83cc88d64675e" score = 40 
@@ -277138,8 +277185,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Aegis_A802 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7404-L7423" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7404-L7423" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "a8027daa6facf1ff81405daf6763249e9acf232a1a191b6bf106711630e6188e" logic_hash = "8ef06932883bbd5ad62bd5d975fb341277a83271f7a21fc77cdebc6b9f4a05a6" score = 40 @@ -277168,8 +277215,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avgtechnologiesczsro_Aswarpotsys_Avginternetsecu date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7426-L7445" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7426-L7445" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "0f016c80c4938fbcd47a47409969b3925f54292eba2ce01a8e45222ce8615eb8" logic_hash = "014039b9b1b4ea903b4c014ca3d3ff946b1b0f4759d8d78c1fcf825d11318e42" score = 40 
@@ -277198,8 +277245,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sunmicrosystemsinc_Vboxdrvsys_Sunvirtualbox_R_75 date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7448-L7467" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7448-L7467" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "7539157df91923d4575f7f57c8eb8b0fd87f064c919c1db85e73eebb2910b60c" logic_hash = "dd40b144e403136b4359106d2efeb24335b83ffc13a62fdce7c9bd602dc45506" score = 40 @@ -277228,8 +277275,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Interfacecorporation_Cpxcsys_Gpcxc_1183 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7470-L7489" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7470-L7489" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "11832c345e9898c4f74d3bf8f126cf84b4b1a66ad36135e15d103dbf2ac17359" logic_hash = "5842fcb278bb2b659760677fea80cbb110347e495e9f1a39fc901f0927753b88" score = 40 
@@ -277258,8 +277305,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_478D : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7492-L7511" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7492-L7511" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "478d855b648ef4501d3b08b3b10e94076ac67546b0ce86b454324f1bf9a78aa0" logic_hash = "29a09ee10d391b3183052255622f7b96a0e2bf649acc30e10d57e1cb3b17b84f" score = 40 @@ -277288,8 +277335,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Activeclean_A903 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7514-L7533" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7514-L7533" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "a903f329b70f0078197cb7683aae1bb432eaf58572fe572f7cb4bc2080042d7e" logic_hash = "b79d850df65fa7a96642e4a1da2240e001c87d44d64c621c756face489c0eb6b" score = 40 
@@ -277318,8 +277365,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sysinternalswwwsysinternalscom_Procexpsys_Proces date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7536-L7556" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7536-L7556" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "3ff39728f1c11d1108f65ec5eb3d722fd1a1279c530d79712e0d32b34880baaa" hash = "86721ee8161096348ed3dbe1ccbf933ae004c315b1691745a8af4a0df9fed675" logic_hash = "3035342ffaf651efc8de23d2da68540ee7d89b2bf2b5c2925094e7fe2a3f7c28" @@ -277349,8 +277396,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Realixtm_Hwinfosys_Hwinfokerneldriver_1B17 : FIL date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7559-L7578" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7559-L7578" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "1b17d12076d047e74d15e6e51e10497ad49419bec7fbe93386c57d3efbaadc0b" logic_hash = "cd8e28cc91da2da748b449b175c24f7271019fa6e9b475b8689183eb1866c59a" score = 40 
@@ -277379,8 +277426,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Novellinc_Novellxtier_6CF1 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7581-L7599" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7581-L7599" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "6cf1cac0e97d30bb445b710fd8513879678a8b07be95d309cbf29e9b328ff259" logic_hash = "60fcd09b5ad2beef9a28c78590e6a935b5a2818db45175960527285a4a765ea5" score = 40 @@ -277408,8 +277455,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Tenasyscorporation_Rtifsys_Intime_EAE5 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7602-L7621" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7602-L7621" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "eae5c993b250dcc5fee01deeb30045b0e5ee7cf9306ef6edd8c58e4dc743a8ed" logic_hash = "ea0bb86a2cc5f3349678d9a698e14301207ba1bf6c19f9caf91abd72e7794a8c" score = 40 
@@ -277438,8 +277485,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sysinternalswwwsysinternalscom_Procexpsys_Proces date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7624-L7643" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7624-L7643" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "bdbceca41e576841cad2f2b38ee6dbf92fd77fbbfdfe6ecf99f0623d44ef182c" logic_hash = "c4310d622e5861f4c63d9e9c39ee94acbfb35d24a91f50158f1d695d1f0cf254" score = 40 @@ -277468,8 +277515,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Databaseharborsoftware_Sysinfodetectorxsys_Sysin date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7646-L7665" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7646-L7665" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "45e5977b8d5baec776eb2e62a84981a8e46f6ce17947c9a76fa1f955dc547271" logic_hash = "3c67bbee00427b7f8ed689a5ff83641bad2b62dc685b5155ea81f6dbba4377b0" score = 40 
@@ -277498,8 +277545,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_7048 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7668-L7689" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7668-L7689" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "7048d90ed4c83ad52eb9c677f615627b32815066e34230c3b407ebb01279bae6" hash = "d80714d87529bb0bc7abcc12d768c43a697fbca59741c38fa0b46900da4db30e" hash = "fed0fe2489ae807913be33827b3b11359652a127e33b64464cc570c05abd0d17" @@ -277530,8 +277577,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_7837 : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7692-L7711" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7692-L7711" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "7837cb350338c4958968d06b105466da6518f5bb522a6e70e87c0cad85128408" logic_hash = "0d0e3e2675e5d6b11369a388a6e7a947e603db2562aefb802c977728419bb667" score = 40 
@@ -277560,8 +277607,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmelsys_Trendmicroearlylaunchantim date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7714-L7733" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7714-L7733" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "e505569892551b2ba79d8792badff0a41faea033e8d8f85c3afea33463c70bd9" logic_hash = "7645c180f10ba31e259cdfa4904c16941ce777412416527c95fa9592ed76da8c" score = 40 @@ -277590,8 +277637,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Ncrcorporation_Radhwmgrsys_Ncrcorporationhardwar date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7736-L7755" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7736-L7755" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "df96d844b967d404e58a12fc57487abc24cd3bd1f8417acfe1ce1ee4a0b0b858" logic_hash = "2194da0b4589893a0884b9a8c0ed5a556b008152b9c03613074892001406fc21" score = 40 
@@ -277620,8 +277667,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avgtechnologiesczsro_Aswarpotsys_Avginternetsecu date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7758-L7777" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7758-L7777" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "0b2ad05939b0aabbdc011082fad7960baa0c459ec16a2b29f37c1fa31795a46d" logic_hash = "e4e6178a894262ed52bd5ee6e0879f54d4cb81ec467f065f0b00d34ac55064b0" score = 40 @@ -277650,8 +277697,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Tenasyscorporation_Rtifsys_Intime_BA40 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7780-L7799" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7780-L7799" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "ba40b1fc798c2f78165e78997b4baf3d99858ee39a372ca6fbc303057793e50d" logic_hash = "ea4d6b524d8e4229b090890145a02617482c38ae077d5fd9a7fd46fa6e917b1a" score = 40 
@@ -277680,8 +277727,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_828A : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7802-L7821" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7802-L7821" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "828a18b16418c021b6c4aa8c6d54cef4e815efca0d48b9ff14822f9ccb69dff2" logic_hash = "e5eb524d77c082acac68ea7b24bf10e445dd1afc9be97333980d8a8d580a6e98" score = 40 @@ -277710,8 +277757,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sunmicrosystemsinc_Vboxusbmonsys_Virtualboxusbmo date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7824-L7843" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7824-L7843" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "8a2482e19040d591c7cec5dfc35865596ce0154350b5c4e1c9eecc86e7752145" logic_hash = "bf3569ba1652fc95c0752a4bf58586ecbe41db63d58ff6326cbd7ef6c2d5b65f" score = 40 
@@ -277740,8 +277787,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Copyright_Advancedmalwareprotection_6F55 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7846-L7864" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7846-L7864" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "6f55c148bb27c14408cf0f16f344abcd63539174ac855e510a42d78cfaec451c" logic_hash = "4b5b303a3311ec88e1ebad890eb08fe3af13b3c6fdd7cf88421a9f7590661832" score = 40 @@ -277769,8 +277816,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_0DC4 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7867-L7886" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7867-L7886" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "0dc4ff96d7e7db696e0391c5a1dda92a0b0aedbf1b0535bf5d62ebeec5b2311c" logic_hash = "291aa7d4bd435f112fb6678d8b495d38df94b7a6256d71ac39dd055ab3c94719" score = 40 
@@ -277799,8 +277846,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Tenasyscorporation_Rtifsys_Intime_3670 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7889-L7909" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7889-L7909" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "3670ccd9515d529bb31751fcd613066348057741adeaf0bffd1b9a54eb8baa76" hash = "0d133ced666c798ea63b6d8026ec507d429e834daa7c74e4e091e462e5815180" logic_hash = "3ca3c8fe11a696ad5eaf4b806c277a903a665b3c16a5c8a86dbf8468a71ad9ee" @@ -277830,8 +277877,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_EEA5 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7912-L7931" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7912-L7931" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "eea53103e7a5a55dc1df79797395a2a3e96123ebd71cdd2db4b1be80e7b3f02b" logic_hash = "47bcbc01fc9d12d72613093da34efd44b9d45af700a83450e36aed9fa972ae9b" score = 40 
@@ -277860,8 +277907,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_9CA5 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7934-L7953" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7934-L7953" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "9ca586b49135166eea00c6f83329a2d134152e0e9423822a51c13394265b6340" logic_hash = "a666e2b5c53129dc1f82a945d828bb84fc31e54c1c69cc6666222e4b9a45ea39" score = 40 @@ -277890,8 +277937,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Realixtm_Hwinfosys_Hwinfokerneldriver_4E54 : FIL date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7956-L7975" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7956-L7975" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "4e54e98df13110aac41f3207e400cce2a00df29ce18c32186e536c1de25a75ce" logic_hash = "81a80cb4cdeb79ba7b32cb981c4f6d986fc465a78566aded7d7bf3f06e3e027f" score = 40 
@@ -277920,8 +277967,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Intelcorporation_Iqvwsys_Intelriqvwsys_2D2C : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L7978-L7997" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L7978-L7997" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "2d2c7ee9547738a8a676ab785c151e8b48ed40fe7cf6174650814c7f5f58513b" logic_hash = "991c554b098cc048d925ab989b0ca3950b07fd13e75ddcc0e8d8f4e24f6e58a6" score = 40 @@ -277950,8 +277997,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Almicosoftware_Sfdrvxsys_Speedfan_X_F4EE : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8000-L8019" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8000-L8019" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "f4ee803eefdb4eaeedb3024c3516f1f9a202c77f4870d6b74356bbde32b3b560" logic_hash = "7ad25b1c03c5f7aff57f6ae40fae6232a0649d643a4ccd6ed1eee886bfad7f68" score = 40 
@@ -277980,8 +278027,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_5CFA : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8022-L8041" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8022-L8041" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "5cfad3d473961763306d72c12bd5ae14183a1a5778325c9acacca764b79ca185" logic_hash = "772f33e1190458ffbe4f6636fc775fea47d4ab242cecc5a77d00ee34de4ecf86" score = 40 @@ -278010,8 +278057,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Computerzsys_Ludashisystemdriver_898E : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8044-L8064" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8044-L8064" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "898e07cf276ec2090b3e7ca7c192cc0fa10d6f13d989ef1cb5826ca9ce25b289" hash = "07d0090c76155318e78a676e2f8af1500c20aaa1e84f047c674d5f990f5a09c8" logic_hash = "8895375f8ce3efa2fec38f6b42d4401b64d5dbde4c1bd9eead31ecb442f72588" 
@@ -278041,8 +278088,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Nvidiacorp_Nvoclocksys_Nvidiasystemutilitydriver date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8067-L8087" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8067-L8087" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "afda5af5f210336061bff0fab0ed93ee495312bed639ec5db56fbac0ea8247d3" hash = "b2364c3cf230648dad30952701aef90acfc9891541c7e154e30c9750da213ed1" logic_hash = "c969121df4f2e873fbff32b00484550a8a80e4fcc0cd093a2c93c566c249977a" 
@@ -278072,8 +278119,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Interfacecorporation_Cpxcsys_Gpcxcdiobmpcicpci_6 date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8090-L8110" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8090-L8110" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "63865f04c1150655817ed4c9f56ad9f637d41ebd2965b6127fc7c02757a7800e" hash = "9c8ed1506b3e35f5eea6ac539e286d46ef76ddbfdfc5406390fd2157c762ce91" logic_hash = "ceae34b4cd1698fc1d779b5860437b1017401c8f954d74804fcdbb13a5603186" 
@@ -278103,8 +278150,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrddkprovider_Rtportsys_Windowsrddkdriver_ date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8113-L8134" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8113-L8134" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "c490d6c0844f59fdb4aa850a06e283fbf5e5b6ac20ff42ead03d549d8ae1c01b" hash = "a29093d4d708185ba8be35709113fb42e402bbfbf2960d3e00fd7c759ef0b94e" hash = "e3dbafce5ad2bf17446d0f853aeedf58cc25aa1080ab97e22375a1022d6acb16" @@ -278135,8 +278182,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Arthurliberman_Alsysiosys_Alsysio_119C : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8137-L8156" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8137-L8156" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "119c48b79735fda0ecd973d77d9bdc6b329960caed09b38ab454236ca039d280" logic_hash = "1ff636a8954a5f049c582d8436111ffe5a4e89e3f38870c9c8ac9706f0b1acd2" score = 40 
@@ -278165,8 +278212,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Tgsoftsas_Viragtsys_Viritagentsystem_263E : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8159-L8178" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8159-L8178" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "263e8f1e20612849aea95272da85773f577fd962a7a6d525b53f43407aa7ad24" logic_hash = "c4a5f4e6908dcf3280adcebb9d8c58fb58be06267b524cb37f15d99091eb4a98" score = 40 @@ -278195,8 +278242,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Almicosoftware_Sfdrvxsys_Speedfan_X_88FB : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8181-L8200" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8181-L8200" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "88fb0a846f52c3b680c695cd349bf56151a53a75a07b8b0b4fe026ab8aa0a9af" logic_hash = "9c38d3552116177e73a66e56d3f53f8f50ed698a8747cbc59ccbee3cfec0db0d" score = 40 
@@ -278225,8 +278272,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Msi_Ntiolibsys_Ntiolib_E839 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8203-L8222" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8203-L8222" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "e83908eba2501a00ef9e74e7d1c8b4ff1279f1cd6051707fd51824f87e4378fa" logic_hash = "452a3eeb969ca2a3145b1f525401490911aeec23b29e88395f33dddb693417d0" score = 40 @@ -278255,8 +278302,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Hilschergesellschaftfrsystemaoutomationmbh_Physm date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8225-L8244" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8225-L8244" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "c299063e3eae8ddc15839767e83b9808fd43418dc5a1af7e4f44b97ba53fbd3d" logic_hash = "64d1a7c9772d6a627bd2cec5c466a2627fa28d4a640ebe7fac5b948a02f1ff2a" score = 40 
@@ -278285,8 +278332,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Tenasyscorporation_Rtifsys_Intime_4CE8 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8247-L8266" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8247-L8266" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "4ce8583768720be90fae66eed3b6b4a8c7c64e033be53d4cd98246d6e06086d0" logic_hash = "65d2d5a1727f55c5a09c2dac5472095b92316eaaabf6356224b175ffe6b7c5a3" score = 40 @@ -278315,8 +278362,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Advancedmicrodevices_Amdryzenmasterdriversys_Amd date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8269-L8288" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8269-L8288" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "af1011c76a22af7be97a0b3e0ce11aca0509820c59fa7c8eeaaa1b2c0225f75a" logic_hash = "9fc3405f0415b37f348f5a7ea83344a60a9a987acfa844663811e834927f234a" score = 40 
@@ -278345,8 +278392,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_ADA4 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8291-L8310" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8291-L8310" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "ada4e42bf5ef58ef1aad94435441003b1cc1fcaa5d38bfdbe1a3d736dc451d47" logic_hash = "d102d9add684a93cec7f05196b3e3ca39ff470df7df1b5fd58001b460c0a2dfc" score = 40 @@ -278375,8 +278422,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Tgsoftsas_Viragtsys_Viritagentsystem_9B2F : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8313-L8332" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8313-L8332" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "9b2f051ac901ab47d0012a1002cb8b2db28c14e9480c0dd55e1ac11c81ba9285" logic_hash = "156c30e23f3a22442c635c449290dfcfc5f02fb3b3a0a65f0966306bd1d71f7c" score = 40 
@@ -278405,8 +278452,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Novellinc_Novellxtier_F629 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8335-L8354" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8335-L8354" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "f62911334068c9edd44b9c3e8dee8155a0097aa331dd4566a61afa3549f35f65" hash = "0cf91e8f64a7c98dbeab21597bd76723aee892ed8fa4ee44b09f9e75089308e2" logic_hash = "b4ad3eedff5e41aa07d42c46dd5ef97ef281c049ed676e6b93474f21e20da428" @@ -278435,8 +278482,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Cyreninc_Amp_Cyrenamp_CBB8 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8357-L8376" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8357-L8376" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "cbb8239a765bf5b2c1b6a5c8832d2cab8fef5deacadfb65d8ed43ef56d291ab6" logic_hash = "79514ed74f7ca8fae3b4a36ae240d325fb70555cb8371e03a498b6fb9992b961" score = 40 
@@ -278465,8 +278512,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Netfiltersdkcom_Lgdcatchersys_Netfiltersdk_0C42 date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8379-L8398" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8379-L8398" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "0c42fe45ffa9a9c36c87a7f01510a077da6340ffd86bf8509f02c6939da133c5" logic_hash = "ca3a99d2b899c907450d0a975db142d391135f70d8f6e42f937e03e2b0c7a9ce" score = 40 @@ -278495,8 +278542,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Supermicrocomputerinc_Superbmc_Superbmc_F843 : F date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8401-L8420" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8401-L8420" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "f8430bdc6fd01f42217d66d87a3ef6f66cb2700ebb39c4f25c8b851858cc4b35" logic_hash = "a628c561060c20f97c03b11be8c6d475b390d10ee7bf8dff9cc05600d68b8fc8" score = 40 
@@ -278525,8 +278572,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avgtechnologiesczsro_Aswarpotsys_Avginternetsecu date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8423-L8442" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8423-L8442" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "1023dcd4c80db19e9f82f95b1c5e1ddb60db7ac034848dd5cc1c78104a6350f4" logic_hash = "5dd553f7a90a5680d1a250a951e0166a526690dbef5fe431fa37347b3a5f2078" score = 40 @@ -278555,8 +278602,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Intelcorporation_Iqvwsys_Intelriqvwsys_F877 : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8445-L8465" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8445-L8465" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "f877296e8506e6a1acbdacdc5085b18c6842320a2775a329d286bac796f08d54" hash = "de3597ae7196ca8c0750dce296a8a4f58893774f764455a125464766fcc9b3b5" logic_hash = "65966a05952fcf57b8d722154fe6dcafba49fffa0494086e1ff2bf76229d0c78" 
@@ -278586,8 +278633,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Nvidiacorp_Nvoclocksys_Nvidiasystemutilitydriver date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8468-L8487" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8468-L8487" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "ae3a6a0726f667658fc3e3180980609dcb31bdbf833d7cb76ba5d405058d5156" logic_hash = "7ff6b127fcdbe2a1612d46fccdf23d0fbaa2f6a91a54b718658ebd2d3fea8bce" score = 40 @@ -278616,8 +278663,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Almicosoftware_Sfdrvxsys_Speedfan_X_AD23 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8490-L8509" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8490-L8509" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "ad23d77a38655acb71216824e363df8ac41a48a1a0080f35a0d23aa14b54460b" logic_hash = "8cdd734afe9bdf25157395096e64bfa743e4f17e1bde796269d6b5c875147561" score = 40 
@@ -278646,8 +278693,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrddkprovider_Rtportsys_Windowsrddkdriver_ date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8512-L8531" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8512-L8531" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "6f806a9de79ac2886613c20758546f7e9597db5a20744f7dd82d310b7d6457d0" logic_hash = "707ec81c9fb679a439f23e97e92c6d08b541cd433bfa4fa4296a664cabb403d0" score = 40 @@ -278676,8 +278723,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Realtek_Rtkiowxsys_Realtekiodriver_B205 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8534-L8553" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8534-L8553" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "b205835b818d8a50903cf76936fcf8160060762725bd74a523320cfbd091c038" logic_hash = "8313ea1ab68c635fd99927884741a087ea5d93e3e2d3d3c9171609f17545d3cc" score = 40 
@@ -278706,8 +278753,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Filseclabcorporation_Filnk_Filseclabdynamicdefen date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8556-L8575" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8556-L8575" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "ae55a0e93e5ef3948adecf20fa55b0f555dcf40589917a5bfbaa732075f0cc12" logic_hash = "36e491c2841bb77cfc3c07545a30af7edef940e4f36fffd33f6a35f5d8980c86" score = 40 @@ -278736,8 +278783,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sisoftware_Sandra_Sisoftwaresandra_CBF7 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8578-L8597" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8578-L8597" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "cbf74bed1a4d3d5819b7c50e9d91e5760db1562d8032122edac6f0970f427183" logic_hash = "4093b8e8e67632b5ee28b0e8843398e3e32c33b6fbb18c68730f4495d4c025ad" score = 40 
@@ -278766,8 +278813,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Nvidiacorp_Nvoclocksys_Nvidiasystemutilitydriver date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8600-L8619" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8600-L8619" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "a47555d04b375f844073fdcc71e5ccaa1bbb201e24dcdebe2399e055e15c849f" logic_hash = "212de91b3abdc9948aad64531983df3c75e36ff73e56a6b5e8a488571fc39465" score = 40 @@ -278796,8 +278843,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Novellinc_Novellxtier_66F8 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8622-L8641" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8622-L8641" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "66f8bd2b29763acfbb7423f4c3c9c3af9f3ca4113bd580ab32f6e3ee4a4fc64e" hash = "7f84f009704bc36f0e97c7be3de90648a5e7c21b4f870e4f210514d4418079a0" logic_hash = "bb8f360956167a6616fa3449f4dcbc78f938a69c979298d921757c6f1e779601" 
@@ -278826,8 +278873,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrwinddkprovider_Dcprotectsys_Dcprotectrwi date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8644-L8663" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8644-L8663" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "55b5bcbf8fb4e1ce99d201d3903d785888c928aa26e947ce2cdb99eefd0dae03" logic_hash = "3379ec91998a5850e3181784a43fa669817d2f3930bc790bf7b46857a2393d93" score = 40 @@ -278856,8 +278903,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Asustekcomputerinc_Atsziosys_Atsziodriver_1A4F : date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8666-L8689" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8666-L8689" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "1a4f7d7926efc3e3488758ce318246ea78a061bde759ec6c906ff005dd8213e5" hash = "0da746e49fd662be910d0e366934a7e02898714eaaa577e261ab40eb44222b5c" hash = "e32ab30d01dcff6418544d93f99ae812d2ce6396e809686620547bea05074f6f" 
@@ -278890,8 +278937,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Filseclabcorporation_Filwfp_Filseclabfirewall_49 date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8692-L8711" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8692-L8711" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "490cfbb540dcd70b7bff4fdd62e7ed7400bbfebaf5083523d49f7184670f7b9a" logic_hash = "722b36f80e7c899c75667c989390161a30d1336be397c771174e8753865a6f8c" score = 40 @@ -278920,8 +278967,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Asrockincorporation_Asrautochkupddrvsys_Asrautoc date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8714-L8733" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8714-L8733" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "4ae42c1f11a98dee07a0d7199f611699511f1fb95120fabc4c3c349c485467fe" logic_hash = "a07a0630526bf3b9d427a83b00269428059e640787a834ff129cdb23b4c4c245" score = 40 
@@ -278950,8 +278997,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Razerinc_Rzpnk_Rzpnk_9E34 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8736-L8755" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8736-L8755" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "9e3430d5e0e93bc4a5dccc985053912065e65722bfc2eaf431bc1da91410434c" logic_hash = "d07bb8afe8e9e55d9bbf5c96ab8be6bf1f3b65a08873f8956436b87ad3b826d8" score = 40 @@ -278980,8 +279027,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Wisecleanercom_Wiseunlosys_Wiseunlo_9D53 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8758-L8778" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8758-L8778" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "9d530642aeb6524691d06b9e02a84e3487c9cdd86c264b105035d925c984823a" hash = "5e27fe26110d2b9f6c2bad407d3d0611356576b531564f75ff96f9f72d5fcae4" logic_hash = "bdf3933b96f571ca3f07d9c3775847d5053f3f147b75068e7dad4a152480935e" 
@@ -279011,8 +279058,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_BCFC : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8781-L8800" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8781-L8800" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "bcfc2c9883e6c1b8429be44cc4db988a9eecb544988fbd756d18cfca6201876f" logic_hash = "10b04a7ca71652632fb836bfb76f6be8b4c1d9e7e6566f623b52a850b3dbebde" score = 40 @@ -279041,8 +279088,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrddkprovider_Gdrvsys_Windowsrddkdriver_F4 date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8803-L8823" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8803-L8823" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "f4ff679066269392f6b7c3ba6257fc60dd609e4f9c491b00e1a16e4c405b0b9b" hash = "cfc5c585dd4e592dd1a08887ded28b92d9a5820587b6f4f8fa4f56d60289259b" logic_hash = "e7ca103b49c11733154f9f4bf164be90f25d3534ea103312047d7f1a9c240131" 
@@ -279072,8 +279119,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_DBC6 : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8826-L8845" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8826-L8845" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "dbc604b4e01362a3e51357af4a87686834fe913852a4e0a8c0d4c1a0f7d076ed" logic_hash = "becd57b696fe37ea0ae1bd83aa1c00258d1a58fd83c80d9772bea625ad0d6afc" score = 40 @@ -279102,8 +279149,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Corsairmemoryinc_Corsairllaccess_Corsairllaccess date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8848-L8867" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8848-L8867" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "f15ae970e222ce06dbf3752b223270d0e726fb78ebec3598b4f8225b5a0880b1" logic_hash = "ae01cd2b9b1c504298c0295fd4f3e54199df371787676f19ba0a3ad9340f0c56" score = 40 
@@ -279132,8 +279179,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_4E37 : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8870-L8889" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8870-L8889" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "4e37592a2a415f520438330c32cfbdbd6af594deef5290b2fa4b9722b898ff69" logic_hash = "cd104e4130ef7fcc525a31aacc1180933cd6fe99a7b0c10a54622c512d699364" score = 40 @@ -279162,8 +279209,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_ECD0 : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8892-L8911" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8892-L8911" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "ecd07df7ad6fee9269a9e9429eb199bf3e24cf672aa1d013b7e8d90d75324566" logic_hash = "48342828a25e7fdd6dad197bb079d58fc1937b9630f021067a7f197e53c912d9" score = 40 
@@ -279192,8 +279239,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Realixtm_Hwinfosys_Hwinfokerneldriver_6701 : FIL date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8914-L8933" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8914-L8933" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "6701433861742c08eb50f1e785962378143ad5b6c374ac29118168599f8a0f1c" logic_hash = "c6d8f88f83fffed54cd4adf0542a40531765b0cea0e963ed7ad5d646a7901f19" score = 40 @@ -279222,8 +279269,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Radiantsystemsinc_Radhwmgrsys_Radiantsystemsinch date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8936-L8955" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8936-L8955" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "00c3e86952eebb113d91d118629077b3370ebc41eeacb419762d2de30a43c09c" logic_hash = "d5975b9f192b982cb0febc0314e9597f387830e6c1cc4bf0202918ce75c8ca33" score = 40 
@@ -279252,8 +279299,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Cn_Computerzsys_DEE3 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8958-L8978" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8958-L8978" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "dee384604d2d0018473941acbefe553711ded7344a4932daeffb876fe2fa0233" hash = "26ecd3cea139218120a9f168c8c0c3b856e0dd8fb2205c2a4bcb398f5f35d8dd" logic_hash = "106ecc5e36dbf66a7660d00bfcce40934528899d60bd2bb7711c56f515119fcc" @@ -279283,8 +279330,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Aswarpot_Avastantivirus_36E3 : FIL date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L8981-L9000" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L8981-L9000" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "36e3127f045ef1fa7426a3ff8c441092d3b66923d2b69826034e48306609e289" logic_hash = "c8c776a3ef3f452b261c7348f0634f9bac7e00f5028eeb56af41461d240a5216" score = 40 
@@ -279313,8 +279360,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_FDA9 : FI date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9003-L9022" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9003-L9022" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "fda93c6e41212e86af07f57ca95db841161f00b08dae6304a51b467056e56280" logic_hash = "2548a054742e55e13e146fa3389c4fb17bdf4e7785bc824e5dd8be7d0cddd75a" score = 40 @@ -279343,8 +279390,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Realixtm_Hwinfosys_Hwinfokerneldriver_6E9E : FIL date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9025-L9044" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9025-L9044" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "6e9e9e0b9a23deec5f28dc45f0bbe7423565f037f74be2957e82e5f72c886094" logic_hash = "1a5841556e8589b9fda2167a5ad9c6ac0ec7bb9e9358220ebc18e9675fe6254b" score = 40 
@@ -279373,8 +279420,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_1228 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9047-L9066" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9047-L9066" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "1228d0b6b4f907384346f64e918cc28021fe1cd7d4e39687bca34a708998261a" logic_hash = "6d10896a203562741de37cb97e858a1d70451ad5fc1341ad80d6aa4765b8de9a" score = 40 @@ -279403,8 +279450,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Biostargroup_Iodriver_Biostariodriver_D205 : FIL date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9069-L9088" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9069-L9088" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "d205286bffdf09bc033c09e95c519c1c267b40c2ee8bab703c6a2d86741ccd3e" logic_hash = "8c88f91ab8ff231e4ab6e532b8d71ba810fa62e684dec7fff6b74c4f85a96f65" score = 40 
@@ -279433,8 +279480,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrwinddkprovider_Amifldrvsys_Windowsrwindd date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9091-L9111" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9091-L9111" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "38d87b51f4b69ba2dae1477684a1415f1a3b578eee5e1126673b1beaefee9a20" hash = "ffc72f0bde21ba20aa97bee99d9e96870e5aa40cce9884e44c612757f939494f" logic_hash = "fb233e5c3cd88ab1450d3371b2f916af9dc8f0b5ffd145e47ad2f0678495b630" 
@@ -279464,8 +279511,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Inferre_Hwdetectngsys_Hwdetectngsys_D456 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9114-L9135" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9114-L9135" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "d45600f3015a54fa2c9baa7897edbd821aeea2532e6aadb8065415ed0a23d0c2" hash = "43136de6b77ef85bc661d401723f38624e93c4408d758bc9f27987f2b4511fee" hash = "2f8b68de1e541093f2d4525a0d02f36d361cd69ee8b1db18e6dd064af3856f4f" @@ -279496,8 +279543,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Adlicesoftware_Truesight_Truesight_BFC2 : FILE date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9138-L9157" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9138-L9157" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "bfc2ef3b404294fe2fa05a8b71c7f786b58519175b7202a69fe30f45e607ff1c" logic_hash = "31bf547d77d003653090c31588635255d5983e179146bf53b5624dc3fdcf8422" score = 40 
@@ -279526,8 +279573,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Nvidiacorp_Nvoclocksys_Nvidiasystemutilitydriver
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9160-L9179"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9160-L9179"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "87b4c5b7f653b47c9c3bed833f4d65648db22481e9fc54aa4a8c6549fa31712b"
 logic_hash = "e1bf0fb9255ba7cd386ac0d51ce1d22ffde535a0064683f2178fac388b6944a0"
 score = 40
@@ -279556,8 +279603,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Highresolutionenterpriseswwwhighrezcouk_Inpoutxs
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9182-L9203"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9182-L9203"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "f581decc2888ef27ee1ea85ea23bbb5fb2fe6a554266ff5a1476acd1d29d53af"
 hash = "f8965fdce668692c3785afa3559159f9a18287bc0d53abb21902895a8ecf221b"
 hash = "2d83ccb1ad9839c9f5b3f10b1f856177df1594c66cbbc7661677d4b462ebf44d"
@@ -279588,8 +279635,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_12ED : FI
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9206-L9225"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9206-L9225"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "12eda8b65ed8c1d80464a0c535ea099dffdb4981c134294cb0fa424efc85ee56"
 logic_hash = "9c43c1e37bcc87d616e8d7fa1a610b4d3f28b60d2203d0e466939a41b1a8a7d7"
 score = 40
@@ -279618,8 +279665,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Realixtm_Hwinfosys_Hwinfokerneldriver_FF1C : FIL
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9228-L9247"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9228-L9247"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "ff1ccef7374a1a5054a6f4437e3e0504b14ed76e17090cc6b1a4ec0e2da427a5"
 logic_hash = "ee97df01a31ceb88274de9890887f6203bee9b173a2034ad4570a9bb92d13dd2"
 score = 40
@@ -279648,8 +279695,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Aswarpotsys_Avastantivirus_EBE2 :
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9250-L9269"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9250-L9269"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "ebe2e9ec6d5d94c2d58fbcc9d78c5f0ee7a2f2c1aed6d1b309f383186d11dfa3"
 logic_hash = "4f671c0023ef9bbb82a3fdd328709bb9c2a579fbef7f0a348b01fd4188ded3d4"
 score = 40
@@ -279678,8 +279725,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Novellinc_Novellxtierforwindows_V_CA34 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9272-L9290"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9272-L9290"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "ca34f945117ec853a713183fa4e8cf85ea0c2c49ca26e73d869fee021f7b491d"
 logic_hash = "20276f0c10cef963957e6f868643166567862b89124d96371b80dfe217eab4b6"
 score = 40
@@ -279707,8 +279754,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Razerinc_Rzpnk_Rzpnk_46D1 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9293-L9315"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9293-L9315"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "46d1dc89cc5fa327e7adf3e3d6d498657240772b85548c17d2e356aac193dd28"
 hash = "dafa4459d88a8ab738b003b70953e0780f6b8f09344ce3cd631af70c78310b53"
 hash = "4c2d2122ef7a100e1651f2ec50528c0d1a2b8a71c075461f0dc58a1aca36bc61"
@@ -279740,8 +279787,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Corsairmemoryinc_Corsairllaccess_Corsairllaccess
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9318-L9338"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9318-L9338"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "a334bdf0c0ab07803380eb6ef83eefe7c147d6962595dd9c943a6a76f2200b0d"
 hash = "000547560fea0dd4b477eb28bf781ea67bf83c748945ce8923f90fdd14eb7a4b"
 logic_hash = "881222a52349787251b723640a42b468e4d3f8ee614329de61d7816b00beb9ff"
@@ -279771,8 +279818,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_1C12 : FI
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9341-L9360"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9341-L9360"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "1c1251784e6f61525d0082882a969cb8a0c5d5359be22f5a73e3b0cd38b51687"
 logic_hash = "d8f6326a34caddc2c91ac47e57ed022086bea7122203f166cd5e3176c369a3e4"
 score = 40
@@ -279801,8 +279848,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroaegis_4BC0 : F
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9363-L9382"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9363-L9382"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "4bc0921ffd4acc865525d3faf98961e8decc5aec4974552cbbf2ae8d5a569de4"
 logic_hash = "1f138a336f979f9a4a75796cdd6cab5716a17f1ded02350db64a6ec618c7a1dd"
 score = 40
@@ -279831,8 +279878,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Iobitinformationtechnology_Iobitunlockersys_Unlo
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9385-L9404"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9385-L9404"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "f85cca4badff17d1aa90752153ccec77a68ad282b69e3985fdc4743eaea85004"
 logic_hash = "1a7df58e346f6ae2224163302bbc14815c6d612c1414b59663d3d9f730925499"
 score = 40
@@ -279861,8 +279908,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Novellinc_Novellxtierforwindows_V_C190 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9407-L9425"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9407-L9425"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "c190e4a7f1781ec9fa8c17506b4745a1369dcdf174ce07f85de1a66cf4b5ed8a"
 logic_hash = "44017c1fab02aec40335b310646d9760ce4db2da785d08a430442a5afe9d4887"
 score = 40
@@ -279890,8 +279937,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sysinternalswwwsysinternalscom_Procexpsys_Proces
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9428-L9447"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9428-L9447"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "9b6a84f7c40ea51c38cc4d2e93efb3375e9d98d4894a85941190d94fbe73a4e4"
 logic_hash = "beca5e85d2b29d6a37e9d783facf37bb375095ae5d47a8a2eff663afbc22ffc3"
 score = 40
@@ -279920,8 +279967,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avgtechnologiesczsro_Aswarpotsys_Avginternetsecu
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9450-L9469"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9450-L9469"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "7d43769b353d63093228a59eb19bba87ce6b552d7e1a99bf34a54eee641aa0ea"
 logic_hash = "5c3addc4d27338e1ed76b65327198acef97969b13e6ac8284153fcc1fd992b4d"
 score = 40
@@ -279950,8 +279997,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Ngiodriversys_Avastng_7337 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9472-L9492"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9472-L9492"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "733789d0a253e8d80cc3240e365b8d4274e510e36007f6e4b5fd13b07b084c3e"
 hash = "d1463b7fec911c10a8c96d84eb7c0f9e95fa488d826647a591a38c0593f812a4"
 logic_hash = "9f3772548952491a3c20cdecdba491017a7bb7c113360feae778426539e5d9b8"
@@ -279981,8 +280028,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Aegis_ADC1 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9495-L9514"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9495-L9514"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "adc10de960f40fa9f6e28449748250fa9ddfd331115b77a79809a50c606753ee"
 logic_hash = "896055705d276e007082616e944be968d90087798e3c4cfcc35c3ecaf3a781b0"
 score = 40
@@ -280011,8 +280058,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrwinddkprovider_Sbiosiosys_Samsungrbiosio
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9517-L9537"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9517-L9537"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "1e24c45ce2672ee403db34077c88e8b7d7797d113c6fd161906dce3784da627d"
 hash = "39336e2ce105901ab65021d6fdc3932d3d6aab665fe4bd55aa1aa66eb0de32f0"
 logic_hash = "d9be90591690481e778ebb8a18c633d7ceccdaafa3989352d94bd1995e3470f4"
@@ -280042,8 +280089,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avgtechnologiesczsro_Aswarpot_Avginternetsecurit
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9540-L9559"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9540-L9559"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "94911fe6f2aba9683b10353094caf71ee4a882de63b4620797629d79f18feec5"
 logic_hash = "45bd63fd965c9c40b0d687af623f58922c708608a25e58b2c1ad436312e6284d"
 score = 40
@@ -280072,8 +280119,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Fujitsulimited_Advdrvsys_Microsoftrwindowsropera
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9562-L9580"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9562-L9580"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "04a85e359525d662338cae86c1e59b1d7aa9bd12b920e8067503723dc1e03162"
 logic_hash = "7b98ca983166c65065b6fe146957ac438426c0ad2566016e0a61ca3be68f163e"
 score = 40
@@ -280101,8 +280148,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Advancedmicrodevices_Amdryzenmasterdriversys_Amd
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9583-L9602"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9583-L9602"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "ff9623317287358440ec67da9ba79994d9b17b99ffdd709ec836478fe1fc22a5"
 logic_hash = "d47eec2132d31ce4f4009456805e7b75e43054edf13c3f056416638cf3928e41"
 score = 40
@@ -280131,8 +280178,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sunmicrosystemsinc_Vboxtapsys_Virtualboxhostinte
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9605-L9624"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9605-L9624"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "cfa28e2f624f927d4cbd2952306570d86901d2f24e3d07cc6277e98289d09783"
 logic_hash = "1fefb271c505de9c1d08d558a53f8150cb8724b1b97ac2014f30d2c593f05f6b"
 score = 40
@@ -280161,8 +280208,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Generalelectriccompany_Gedevicedriver_Proficymac
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9627-L9647"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9627-L9647"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "a369942ce8d4b70ebf664981e12c736ec980dbe5a74585dd826553c4723b1bce"
 hash = "ae73dd357e5950face9c956570088f334d18464cd49f00c56420e3d6ff47e8dc"
 logic_hash = "e9af30ff414f7c42b656519453924a90be7cf567c5d5ac6c29713d6799a369c1"
@@ -280192,8 +280239,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Ngiodriversys_Avastng_85FD : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9650-L9669"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9650-L9669"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "85fdd255c5d7add25fd7cd502221387a5e11f02144753890218dd31a8333a1a3"
 logic_hash = "dd2e7c64c1f0139e2c365e8f726e026c66857334dbfd29eda3ebffa483677b5f"
 score = 40
@@ -280222,8 +280269,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_7CF7 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9672-L9691"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9672-L9691"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "7cf756afcaf2ce4f8fb479fdede152a17eabf4c5c7c329699dab026a4c1d4fd0"
 logic_hash = "f6570bb8a690a21b67637f265f36dbe8a3adb63e30c025216c25df73099ad173"
 score = 40
@@ -280252,8 +280299,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sysinternalswwwsysinternalscom_Procexpsys_7795 :
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9694-L9713"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9694-L9713"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "77950e2a40ac0447ae7ee1ee3ef1242ce22796a157074e6f04e345b1956e143c"
 logic_hash = "f59507fdf64c5eca6139f149595b9919704fead73d4e66c93630ca6cf9582a82"
 score = 40
@@ -280282,8 +280329,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sisoftware_Sandra_Sisoftwaresandra_B019 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9716-L9735"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9716-L9735"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "b019ebd77ac19cdd72bba3318032752649bd56a7576723a8ae1cccd70ee1e61a"
 logic_hash = "1ef6c4c199fad08babe5f4484444c157dfcfea891f392682689cf2df34088179"
 score = 40
@@ -280312,8 +280359,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Advancedmicrodevicesinc_Amdpowerprofilersys_Amdu
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9738-L9757"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9738-L9757"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "0af5ccb3d33a9ba92071c9637be6254030d61998733a5eb3583e865e17844e05"
 logic_hash = "ac1fd75b411624e0f4cd6d455a61e1ac3c08d421182c4f9eb90698ee29eff77a"
 score = 40
@@ -280342,8 +280389,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Realtek_Rtkiosys_Realtekiodriver_074A : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9760-L9779"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9760-L9779"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "074ae477c8c7ae76c6f2b0bf77ac17935a8e8ee51b52155d2821d93ab30f3761"
 logic_hash = "b76e7a17aa7da3d6a1972a40fbcaa4ca63edb4220b07d807ee54fea649b13a6d"
 score = 40
@@ -280372,8 +280419,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Msi_Ntiolibsys_Ntiolib_98B7 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9782-L9801"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9782-L9801"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "98b734dda78c16ebcaa4afeb31007926542b63b2f163b2f733fa0d00dbb344d8"
 logic_hash = "db97be0a54fc813022a609ffdabe0e0cff306ef894c560f75a43a4aa890590d5"
 score = 40
@@ -280402,8 +280449,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Novellinc_Novellxtierforwindows_V_7A2C : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9804-L9822"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9804-L9822"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "7a2cd1dc110d014165c001ce65578da0c0c8d7d41cc1fa44f974e8a82296fc25"
 logic_hash = "01badc48c33814577b1a6000b4ff46473b48f85d8f8e8d6071d26b81d3cde22d"
 score = 40
@@ -280431,8 +280478,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Zemanaltd_Zam_9A95 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9825-L9841"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9825-L9841"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "9a95a70f68144980f2d684e96c79bdc93ebca1587f46afae6962478631e85d0c"
 logic_hash = "3b699e2afa7e4c4284d725cc159b46a609e4020703bc0efc7ba6563084d67f0e"
 score = 40
@@ -280458,8 +280505,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Intelcorporation_Iqvwsys_Intelriqvwsys_19BF : FI
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9844-L9863"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9844-L9863"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "19bf0d0f55d2ad33ef2d105520bde8fb4286f00e9d7a721e3c9587b9408a0775"
 logic_hash = "b05c520a5816f2dc7a35319f7f5d11001c5d64cdee479e213ac95950acf26bfc"
 score = 40
@@ -280488,8 +280535,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Zemanaltd_Zam_2BBC : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9866-L9882"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9866-L9882"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "2bbc6b9dd5e6d0327250b32305be20c89b19b56d33a096522ee33f22d8c82ff1"
 logic_hash = "d311a2d88741100de1ca65107b08418f0d5a3fc44e4e388faf3434f9fec77dcc"
 score = 40
@@ -280515,8 +280562,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Logitechinc_Lvavsys_Logitechwebcamsoftware_E86C
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9885-L9904"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9885-L9904"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "e86cb77de7b6a8025f9a546f6c45d135f471e664963cf70b381bee2dfd0fdef4"
 logic_hash = "ffab2936594602db403cd2aa85e7dffdcb10ec199fe857b947ae3214492106d4"
 score = 40
@@ -280545,8 +280592,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Getactechnologycorporation_Mtcbsvsys_Getacsystem
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9907-L9926"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9907-L9926"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "e6d1ee0455068b74cf537388c874acb335382876aa9d74586efb05d6cc362ae5"
 logic_hash = "bdd3eb671365ee774f50c3bbffc33aaffb3651f92101a133d1ddcc8b4a495e8f"
 score = 40
@@ -280575,8 +280622,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Hpinc_Hpportioxsys_Hpportio_C505 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9929-L9948"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9929-L9948"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "c5050a2017490fff7aa53c73755982b339ddb0fd7cef2cde32c81bc9834331c5"
 logic_hash = "6174ef1374e0dfd523f7dcdbbdaab1002a95040c1a33f26bf5145d5dcbf87b08"
 score = 40
@@ -280605,8 +280652,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Realtek_Rtkiowxsys_Realtekiodriver_AB8F : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9951-L9970"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9951-L9970"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "ab8f2217e59319b88080e052782e559a706fa4fb7b8b708f709ff3617124da89"
 logic_hash = "9be0907f77c5d4803a1ad7ac79cc42c15807a5b2d43e00a2448c6278ad5ea6c4"
 score = 40
@@ -280635,8 +280682,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avgtechnologiesczsro_Aswarpot_Avginternetsecurit
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9973-L9992"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9973-L9992"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "2ce81759bfa236913bbbb9b2cbc093140b099486fd002910b18e2c6e31fdc4f1"
 logic_hash = "0ac2638aaea5a401222d1451281ba8dba8fe4ef43da24e5eecbdd6d57f7b1dbb"
 score = 40
@@ -280665,8 +280712,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Innotekgmbh_Vboxtapsys_Virtualboxhostinterfacene
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L9995-L10014"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L9995-L10014"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "994f322def98c99aec7ea0036ef5f4b802120458782ae3867d116d55215c56e4"
 logic_hash = "25e4171bb112adf44101ca24c7d88e8a11a487b3c41d1f9eed29129c5621456b"
 score = 40
@@ -280695,8 +280742,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Msi_Ntiolibsys_Ntiolib_9254 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10017-L10036"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10017-L10036"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "9254f012009d55f555418ff85f7d93b184ab7cb0e37aecdfdab62cfe94dea96b"
 logic_hash = "cfe16d39c54ccb7ceca1e0fc1033a4d67a0bc9c62c27dcefabe07b68b947e688"
 score = 40
@@ -280725,8 +280772,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrwinddkprovider_Dcprotectsys_Dcprotectrwi
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10039-L10058"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10039-L10058"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "3af9c376d43321e813057ecd0403e71cafc3302139e2409ab41e254386c33ecb"
 logic_hash = "84d9015bf6ddbfcd60052a6ffcf4bfa6a2c2f8748b3b7f21ad65c1c8377dc3cb"
 score = 40
@@ -280755,8 +280802,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Intelcorporation_Iqvwsys_Intelriqvwsys_4429 : FI
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10061-L10081"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10061-L10081"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "4429f32db1cc70567919d7d47b844a91cf1329a6cd116f582305f3b7b60cd60b"
 hash = "a59c40e7470b7003e8adfee37c77606663e78d7e3f2ebb8d60910af19924d8df"
 logic_hash = "3dd4326755957e11ca961eb87d0ccae5b63dc7ea4e9dc8e9c67e9c6d52bf894b"
@@ -280786,8 +280833,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Realtek_Rtkiowxsys_Realtekiodriver_32E1 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10084-L10103"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10084-L10103"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "32e1a8513eee746d17eb5402fb9d8ff9507fb6e1238e7ff06f7a5c50ff3df993"
 logic_hash = "fd106f69d83d2b1aeb1fdaf16f5809b0fd0d200dec00292efd9bd62422e518a8"
 score = 40
@@ -280816,8 +280863,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Micsystechnologycoltd_Msiosys_Msiodriverversion_
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10106-L10125"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10106-L10125"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "43ba8d96d5e8e54cab59d82d495eeca730eeb16e4743ed134cdd495c51a4fc89"
 logic_hash = "910724e7bac9c9c83e703be52e43f4cd88dda344127f2ebc7aee01981467e9e7"
 score = 40
@@ -280846,8 +280893,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avgtechnologiesczsro_Aswarpotsys_Avginternetsecu
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10128-L10147"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10128-L10147"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "1078af0c70e03ac17c7b8aa5ee03593f5decfef2f536716646a4ded1e98c153c"
 logic_hash = "e565dcf1bdc8ebaf90c1e42bf3e72ce561cb95f5977809fb9082bb430353dd9b"
 score = 40
@@ -280876,8 +280923,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Gigabytetechnologycoltd_Gdrvsys_Gigabytesoftware
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10150-L10169"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10150-L10169"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "26c28746e947389856543837aa59a5b1f4697e5721a04d00aa28151a2659b097"
 logic_hash = "2a6f460b66c7e94dfead7bdb3dc46a181ba2e33b40fca1812f0b412daf0a46c4"
 score = 40
@@ -280906,8 +280953,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Interfacecorporation_Cpxcsys_Gpcxcdiobmpcicpci_0
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10172-L10192"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10172-L10192"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "05c15a75d183301382a082f6d76bf3ab4c520bf158abca4433d9881134461686"
 hash = "4b4ea21da21a1167c00b903c05a4e3af6c514ea3dfe0b5f371f6a06305e1d27f"
 logic_hash = "485222f31dbe1e486e86c64b607de6742747b3ab2571adfc8c210205032b380b"
@@ -280937,8 +280984,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_CC68 : FI
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10195-L10214"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10195-L10214"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "cc687fe3741bbde1dd142eac0ef59fd1d4457daee43cdde23bb162ef28d04e64"
 logic_hash = "26f1740a069d238aadb1922512e23184cb3cf34d9ef1ff1b942755a49fbd48b0"
 score = 40
@@ -280967,8 +281014,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Tgsoftsas_Viragtsys_Viritagentsystem_A209 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10217-L10236"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10217-L10236"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "a2096b460e31451659b0dde752264c362f47254c8191930bc921ff16a4311641"
 logic_hash = "33238c8b189c5aabe45b238a44fde02b6f9436329c8700ff5b64505784438e69"
 score = 40
@@ -280997,8 +281044,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrcodenamelonghornddkprovider_Cpudriver_Wi
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10239-L10258"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10239-L10258"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "159e7c5a12157af92e0d14a0d3ea116f91c09e21a9831486e6dc592c93c10980"
 logic_hash = "e4bcd8644bcc82c63d9d963aeb9a0a4250d8b3be3fb1122156148f4582fe6d48"
 score = 40
@@ -281027,8 +281074,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Proxydrvsys_Nn_0B20 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10261-L10280"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10261-L10280"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "0b205838a8271daea89656b1ec7c5bb7244c42a8b8000d7697e92095da6b9b94"
 logic_hash = "04460d4fa04b60519b0479baab3e07b389dfe255f43b3dcea3d13ca33dc84ded"
 score = 40
@@ -281057,8 +281104,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Msi_Ntiolibsys_Ntiolib_1DDF : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10283-L10302"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10283-L10302"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "1ddfe4756f5db9fb319d6c6da9c41c588a729d9e7817190b027b38e9c076d219"
 logic_hash = "23a5fb0826068df015769d604ff393d7d649b919efabd237a004c6946a358448"
 score = 40
@@ -281087,8 +281134,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_654C : FI
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10305-L10324"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10305-L10324"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "654c5ba47f74008c8f49cbb97988017eec8c898adc3bb851bc6e1fdf9dcf54ad"
 logic_hash = "f494a64914971b82f191becf020023de1139e5f466e5c1db9912d1d1edbdd0f2"
 score = 40
@@ -281117,8 +281164,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Marvintestsolutionsinc_Hwsys_Hw_FD38 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10327-L10347"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10327-L10347"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "fd388cf1df06d419b14dedbeb24c6f4dff37bea26018775f09d56b3067f0de2c"
 hash = "6a4875ae86131a594019dec4abd46ac6ba47e57a88287b814d07d929858fe3e5"
 logic_hash = "9307a3f6003f6b88d4384aad37803597d7444bcfae806a9f3d59c9a1e59d56e5"
@@ -281148,8 +281195,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avgtechnologiesczsro_Aswarpotsys_Avginternetsecu
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10350-L10369"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10350-L10369"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "6e0aa67cfdbe27a059cbd066443337f81c5b6d37444d14792d1c765d9d122dcf"
 logic_hash = "79370b21c6049790a259feebf590222ef8c57bb1564401d68a960ae2c547639a"
 score = 40
@@ -281178,8 +281225,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avgtechnologiesczsro_Aswarpotsys_Avginternetsecu
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10372-L10391"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10372-L10391"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "a2f45d95d54f4e110b577e621fefa0483fa0e3dcca14c500c298fb9209e491c1"
 logic_hash = "7fc1a629395b0558eecf2744dcb121a5b2cdbd51f4291a679f9526f21c4f21c0"
 score = 40
@@ -281208,8 +281255,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Advancedmicrodevices_Aoddriversys_Amdoverdrivese
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10394-L10413"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10394-L10413"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "81d54ebef1716e195955046ffded498a5a7e325bf83e7847893aa3b0b3776d05"
 logic_hash = "fc91d46473eecbc49e074df0c05a1dfee352d3607f9393a6836e37a1c071bdf6"
 score = 40
@@ -281238,8 +281285,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Realixtm_Hwinfosys_Hwinfokerneldriver_EC9B : FIL
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10416-L10435"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10416-L10435"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "ec9bd7fb90c3a2aa4605bd73fe1f74399e2cda75fd4c5fff84660ad4f797c4fe"
 logic_hash = "e16906686623895cf9d6e3c58701f32d44b50b1fe85b95dcf3a8978a62f06a3c"
 score = 40
@@ -281268,8 +281315,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sisoftware_Sandra_Sisoftwaresandra_D7C7 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10438-L10457"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10438-L10457"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "d7c79238f862b471740aff4cc3982658d1339795e9ec884a8921efe2e547d7c3"
 logic_hash = "146b74a7750951a07d2e8b64d25e0c0371fc6295b2ee843cf6a7d67c272555a7"
 score = 40
@@ -281298,8 +281345,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Nvidiacorporation_Nvflash_Nvidiaflashdriver_AFDD
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10460-L10479"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10460-L10479"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "afdd66562dea51001c3a9de300f91fc3eb965d6848dfce92ccb9b75853e02508"
 logic_hash = "f23537a1efc5e13efb9e145d6c04bb21c3dc7cd49d1913755528f08b94c316ac"
 score = 40
@@ -281328,8 +281375,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_F85E : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10482-L10501"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10482-L10501"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "f85eb576acb5db0d2f48e5f09a7244165a876fa1ca8697ebb773e4d7071d4439"
 logic_hash = "71bef9b60efad8f7bc149d93b94c37e59fd42f01ee01d7964c39ef0d79b997e0"
 score = 40
@@ -281358,8 +281405,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Vektortsecurityservice_Vboxdrv_Antidetectpublicb
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10504-L10523"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10504-L10523"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "26f41e4268be59f5de07552b51fa52d18d88be94f8895eb4a16de0f3940cf712"
 logic_hash = "913dc412be3eaa31903d3fac94e07174789bb746bb382a5f1c08fea50541f6c6"
 score = 40
@@ -281388,8 +281435,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_3C42 : FI
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10526-L10545"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10526-L10545"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "3c4207c90c97733fae2a08679d63fbbe94dfcf96fdfdf88406aa7ab3f80ea78f"
 logic_hash = "b3e67939d8f6e6121c3d36dfe5ccb01c9cd2a2d5488053a9834c7cb147ac250e"
 score = 40
@@ -281418,8 +281465,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Asustekcomputerinc_Atsziosys_Atsziodriver_55A1 :
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10548-L10568"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10548-L10568"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "55a1535e173c998fbbc978009b02d36ca0c737340d84ac2a8da73dfc2f450ef9"
 hash = "c64d4ac416363c7a1aa828929544d1c1d78cf032b39769943b851cfc4c0faafc"
 logic_hash = "a6c5fd6c88e08f663479840ae853a0dd22427d0059f0c6aa961dcc1a395dacce"
@@ -281449,8 +281496,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrwinddkprovider_Sbiosiosys_Samsungrbiosio
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10571-L10591"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10571-L10591"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "b3d1bdd4ad819b99870b6e2ed3527dfc0e3ce27b929ad64382b9c3d4e332315c"
 hash = "442d506c1ac1f48f6224f0cdd64590779aee9c88bdda2f2cc3169b862cba1243"
 logic_hash = "5bcc568a4f4edc03e51801c4b256b34ed7f7ae08b7e00ca3f4bd7559502e3c76"
@@ -281480,8 +281527,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sisoftware_Sandra_Sisoftwaresandra_1AAF : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10594-L10613"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10594-L10613"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "1aaf4c1e3cb6774857e2eef27c17e68dc1ae577112e4769665f516c2e8c4e27b"
 logic_hash = "e441204be274ce4379526096008b545e2a53b11c26c270c2df0c1f70b98d1e57"
 score = 40
@@ -281510,8 +281557,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrwinddkprovider_Dcprotectsys_Dcprotectrwi
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10616-L10635"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10616-L10635"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "1698ba7eeee6ff9272cc25b242af89190ff23fd9530f21aa8f0f3792412594f3"
 logic_hash = "be362e0f19f3565a77b1dbd78ea04f85b7f56fd6889d8fa48ed9ded25134bc2e"
 score = 40
@@ -281540,8 +281587,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Aegis_C901 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10638-L10657"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10638-L10657"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "c9014b03866bf37faa8fdb16b6af7cfec976aaef179fd5797d0c0bf8079d3a8c"
 logic_hash = "2320a0cc02aa28c6495f553b2c7c9c0486599e510d8378dfb3f15b988ff90983"
 score = 40
@@ -281570,8 +281617,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Symanteccorporation_Vproeventmonitorsys_Symantec
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10660-L10679"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10660-L10679"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "7877c1b0e7429453b750218ca491c2825dae684ad9616642eff7b41715c70aca"
 logic_hash = "693ace66d01afcdd61fe23a3baa8b950153d38bdc386a43861005654c269cd3d"
 score = 40
@@ -281600,8 +281647,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Wj_Kprocesshacker_C725 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10682-L10700"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10682-L10700"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "c725919e6357126d512c638f993cf572112f323da359645e4088f789eb4c7b8c"
 logic_hash = "78c3a92f79cbbc31d9191da527bf834e366454f1b5109600aca7954ca4e77226"
 score = 40
@@ -281629,8 +281676,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Aswarpot_Avastantivirus_7AD0 : FIL
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10703-L10722"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10703-L10722"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "7ad0ab23023bc500c3b46f414a8b363c5f8700861bc4745cecc14dd34bcee9ed"
 logic_hash = "2cfb950364b5259679e0dcc7ebe34fd6703ae376b5e1717428a88f0c2ba823f5"
 score = 40
@@ -281659,8 +281706,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_83A1 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10725-L10744"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10725-L10744"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "83a1fabf782d5f041132d7c7281525f6610207b38f33ff3c5e44eb9444dd0cbc"
 logic_hash = "16b76760cc8831b7e53cb5f12625cd1dcd059253aa195d763011ccc1cf48a2c5"
 score = 40
@@ -281689,8 +281736,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_C082 : FI
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10747-L10766"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10747-L10766"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "c082514317bf80a2f5129d84a5a55e411a95e32d03a4df1274537704c80e41dd"
 logic_hash = "de63522d95ff422588d388c3533e268bd09fcf895d60277b7f7470ca7b1e9a33"
 score = 40
@@ -281719,8 +281766,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Creativetechnologyinnovationcoltd_Ctiiosys_Ctiio
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10769-L10788"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10769-L10788"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "2121a2bb8ebbf2e6e82c782b6f3c6b7904f686aa495def25cf1cf52a42e16109"
 logic_hash = "58b715cbea724f7d8f946f613ec35fc3bf29cc34c1e32ebc2910d73092f96d83"
 score = 40
@@ -281749,8 +281796,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Ssmartsoftwaresolutionsgmbh_Sysdrvs_Sysdrvs_0E53
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10791-L10810"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10791-L10810"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "0e53b58415fa68552928622118d5b8a3a851b2fc512709a90b63ba46acda8b6b"
 logic_hash = "4d165a6f340f31b18e62ae9f35dd1c5e278217b949e6162119f0e512a262dc38"
 score = 40
@@ -281779,8 +281826,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Aswarpotsys_Avastantivirus_14AD :
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10813-L10832"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10813-L10832"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "14adbf0bc43414a7700e5403100cff7fc6ade50bebfab16a17acf2fdda5a9da8"
 logic_hash = "157a559b87310d33a96c77208afd4ae9ceea23df99417408e413dee0be507dd3"
 score = 40
@@ -281809,8 +281856,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Geintelligentplatformsinc_Gedevicedriver_Proficy
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10835-L10855"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10835-L10855"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "cac5dc7c3da69b682097144f12a816530091d4708ca432a7ce39f6abe6616461"
 hash = "51145a3fa8258aac106f65f34159d23c54b48b6d54ec0421748b3939ab6778eb"
 logic_hash = "f3c26142b2f18490c79ea7a658397b9c029286a3040bf2159e3fcc76c4bbd788"
@@ -281840,8 +281887,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrserverddkprovider_Cpuzsys_Windowsrserver
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10858-L10877"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10858-L10877"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "3871e16758a1778907667f78589359734f7f62f9dc953ec558946dcdbe6951e3"
 logic_hash = "5613c77f79128bc7ac3bbe698dcd8be2fca2f59cb60a40ed97f0c80ba9aff690"
 score = 40
@@ -281870,8 +281917,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Lowleveldriver_F941 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10880-L10896"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10880-L10896"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "f9418b5e90a235339a4a1a889490faca39cd117a51ba4446daa1011da06c7ecd"
 logic_hash = "fdc81fdc11ac6db386f4c41c2c34ab9dbd8dd93836a6a91b9412288eca7f0411"
 score = 40
@@ -281897,8 +281944,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Intelcorporation_Iqvwsys_Intelriqvwsys_37C6 : FI
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10899-L10918"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10899-L10918"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "37c637a74bf20d7630281581a8fae124200920df11ad7cd68c14c26cc12c5ec9"
 logic_hash = "7ab6c3fe4c9cd61c171a71d631a8efc34121bac85e1abf5f281b150f4b6a77a5"
 score = 40
@@ -281927,8 +281974,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Toshibacorporation_Nchgbiosxsys_Toshibabiospacka
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10921-L10940"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10921-L10940"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "314384b40626800b1cde6fbc51ebc7d13e91398be2688c2a58354aa08d00b073"
 logic_hash = "ce2da14c74299d4ad3ab5b882de8bfe810444f21711f2417291bd0298a480e71"
 score = 40
@@ -281957,8 +282004,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Zemanaltd_Zam_5439 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10943-L10960"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10943-L10960"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "543991ca8d1c65113dff039b85ae3f9a87f503daec30f46929fd454bc57e5a91"
 hash = "ab2632a4d93a7f3b7598c06a9fdc773a1b1b69a7dd926bdb7cf578992628e9dd"
 logic_hash = "d43a364d3f39951140fa3b3395f1d74c306558a6c6946f665873e72377345949"
@@ -281985,8 +282032,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sysinternalswwwsysinternalscom_Procexpsys_Proces
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10963-L10982"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10963-L10982"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "30abc0cc700fdebc74e62d574addc08f6227f9c7177d9eaa8cbc37d5c017c9bb"
 logic_hash = "7e1f69495559ca298a05ef6fb3817799b09d66013bae574ec585d27ef89b4dcc"
 score = 40
@@ -282015,8 +282062,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Zemanaltd_Zam_DE8F : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L10985-L11001"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L10985-L11001"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "de8f8006d8ee429b5f333503defa54b25447f4ed6aeade5e4219e23f3473ef1c"
 logic_hash = "0cb5b26dd0cd26c77df642ea6bfffdcede293cdb1ecc15430241ab538f835162"
 score = 40
@@ -282042,8 +282089,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Nvidiacorp_Nvoclocksys_Nvidiasystemutilitydriver
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L11004-L11023"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L11004-L11023"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "0fc0644085f956706ea892563309ba72f0986b7a3d4aa9ae81c1fa1c35e3e2d3"
 logic_hash = "be5fef829971251225d9cbb72d173affd394c8cce6116b0b705c4b02409b6096"
 score = 40
@@ -282072,8 +282119,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Supermicrocomputerinc_Phymem_Phymem_1963 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L11026-L11045"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L11026-L11045"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "1963d5a0e512b72353953aadbe694f73a9a576f0241a988378fa40bf574eda52"
 logic_hash = "8f4cdca4c4bc91f216ee3d89093d482d6e56623a159c3eae6debc388cb9d108f"
 score = 40
@@ -282102,8 +282149,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sysinternalswwwsysinternalscom_Procexpsys_Proces
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L11048-L11068"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L11048-L11068"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "16a2e578bc8683f17a175480fea4f53c838cfae965f1d4caa47eaf9e0b3415c1"
 hash = "98a123b314cba2de65f899cdbfa386532f178333389e0f0fbd544aff85be02eb"
 logic_hash = "ee91ed74d1577bc881a029a6790de6d41e0b9494bfeeceec4511b3d8b7c5cff2"
@@ -282133,8 +282180,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Vektortsecurityservice_Vboxdrv_Antidetectpublic_
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L11071-L11090"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L11071-L11090"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "cfb7af8ac67a379e7869289aeee21837c448ea6f8ab6c93988e7aa423653bd40"
 logic_hash = "8611a572b8366722e237d622b3701072f564f13a73dd71899dbde6faeab73ef8"
 score = 40
@@ -282163,8 +282210,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Sunmicrosystemsinc_Vboxdrvsys_Sunvirtualbox_R_C8
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L11093-L11112"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L11093-L11112"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "c8940e2e9b069ec94f9f711150b313b437f8429f78d522810601b6ee8b52bada"
 logic_hash = "4f0a6ffa08a2c219e47c6ae13f6cc6914fe7d0dccb0273bf0905dd9a71eb439f"
 score = 40
@@ -282193,8 +282240,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Pinduoduoltdcorp_Vboxdrv_Pinduoduosecurevdi_9DAB
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L11115-L11134"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L11115-L11134"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "9dab4b6fddc8e1ec0a186aa8382b184a5d52cfcabaaf04ff9e3767021eb09cf4"
 logic_hash = "894060011b20c84849499127305d8f1d45621c5893f74d59c9278067a329a4d2"
 score = 40
@@ -282223,8 +282270,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Tgsoftsas_Viragtsys_Viritagentsystem_18DE : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L11137-L11156"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L11137-L11156"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "18deed37f60b6aa8634dda2565a0485452487d7bce88afb49301a7352db4e506"
 logic_hash = "d01aeb1783377e6067976e6955e63495706c96c8d6c113b393a47e6fe17992f0"
 score = 40
@@ -282253,8 +282300,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avgtechnologiesczsro_Aswarpotsys_Avginternetsecu
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L11159-L11178"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L11159-L11178"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "8cfd5b2102fbc77018c7fe6019ec15f07da497f6d73c32a31f4ba07e67ec85d9"
 logic_hash = "5bc5d8a6cd02e9a684515ea333084c788353641cb29ff08f18a1066d533cf0ed"
 score = 40
@@ -282283,8 +282330,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Aswarpotsys_Avastantivirus_D5C4 :
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L11181-L11200"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L11181-L11200"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "d5c4ff35eaa74ccdb80c7197d3d113c9cd38561070f2aa69c0affe8ed84a77c9"
 logic_hash = "d6ad094f2e26ff574917770a94af31110f2ed68e47ee082ad4adfcd7376679a5"
 score = 40
@@ -282313,8 +282360,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Wj_Kprocesshacker_7021 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L11203-L11221"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L11203-L11221"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "70211a3f90376bbc61f49c22a63075d1d4ddd53f0aefa976216c46e6ba39a9f4"
 logic_hash = "e5d17a5b57183c3a27815b5b64014e9d95f49129cd451c62380ba8e1b4d25be6"
 score = 40
@@ -282342,8 +282389,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Trendmicroinc_Tmcommsys_Trendmicroeyes_76E8 : FI
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L11224-L11243"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L11224-L11243"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "76e807b6c0214e66455f09a8de8faad40b738982ca84470f0043de0290449524"
 logic_hash = "0a9822cd471bb7fdaab454e824e31e1dcd685f9226c4fa34af4f13dd228dc97b"
 score = 40
@@ -282372,8 +282419,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_5148 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L11246-L11265"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L11246-L11265"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "51480eebbbfb684149842c3e19a8ffbd3f71183c017e0c4bc6cf06aacf9c0292"
 logic_hash = "b36414a71e9bd69512ef0c702bf4f7b4bfdb812326a67a0e50f6f75f5c89c152"
 score = 40
@@ -282402,8 +282449,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Biostargroup_Iodriver_Biostariodriver_1D03 : FIL
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L11268-L11287"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L11268-L11287"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "1d0397c263d51e9fc95bcc8baf98d1a853e1c0401cd0e27c7bf5da3fba1c93a8"
 logic_hash = "26e886b28b40a920558a652197a0d7a31fc5f7b239d3886fdf0f44da4590dabb"
 score = 40
@@ -282432,8 +282479,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avgtechnologiesczsro_Aswarpotsys_Avginternetsecu
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L11290-L11309"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L11290-L11309"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "e2e79f1e696f27fa70d72f97e448081b1fa14d59cbb89bb4a40428534dd5c6f6"
 logic_hash = "9f77c427b54f1a940547cfc206b8d1aed0288d0664a5a124785c7fcec7b90507"
 score = 40
@@ -282462,8 +282509,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrwinddkprovider_Dcprotectsys_Dcprotectrwi
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L11312-L11331"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L11312-L11331"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "b2247e68386c1bdfd48687105c3728ebbad672daffa91b57845b4e49693ffd71"
 logic_hash = "e1d35eb3ea6012cf8b742e97f08d797b4fd64bcc72bd7ebccb8ca33f11afad67"
 score = 40
@@ -282492,8 +282539,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Intelcorporation_Iqvwsys_Intelriqvwsys_5F69 : FI
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L11334-L11353"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L11334-L11353"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "5f69d6b167a1eeca3f6ac64785c3c01976ee7303171faf998d65852056988683"
 logic_hash = "0242a0398f90468dfc41eb04570a70d5072fe089b270feb1f5ab7fbd2c7a1ffc"
 score = 40
@@ -282522,8 +282569,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Ngiodriversys_Avastng_5E3B : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L11356-L11375"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L11356-L11375"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "5e3bc2d7bc56971457d642458563435c7e5c9c3c7c079ef5abeb6a61fb4d52ea"
 logic_hash = "893fe9de3a164fd33483d139e76db4c213c402f276bd285c9acefd76da1d2f38"
 score = 40
@@ -282552,8 +282599,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Windowsrwinddkprovider_Dcprotectsys_Dcprotectrwi
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L11378-L11397"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L11378-L11397"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "9dee9c925f7ea84f56d4a2ad4cf9a88c4dac27380887bf9ac73e7c8108066504"
 logic_hash = "e7f65896009629498b16fdacd7dcdaafae8336365e621f791e880c108bbab75b"
 score = 40
@@ -282582,8 +282629,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_9679 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L11400-L11419"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L11400-L11419"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "9679758455c69877fce866267d60c39d108b495dca183954e4af869902965b3d"
 logic_hash = "fa486cd644c20c827abc8568933d8537c254cff445f2aef520775e119b6db067"
 score = 40
@@ -282612,8 +282659,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Elaboratebytesag_Elbycdio_Cdrtools_8137 : FILE
 date = "2024-08-07"
 modified = "2024-08-07"
 reference = "https://github.com/magicsword-io/LOLDrivers"
- source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L11422-L11441"
- license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE"
+ source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L11422-L11441"
+ license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE"
 hash = "8137ce22d0d0fc5ea5b174d6ad3506a4949506477b1325da2ccb76511f4c4f60"
 logic_hash = "cd4ace0ee1000ec8367bdca57423f311d0993d54359e4b3ca6a503738ba07b3b"
 score = 40
@@ -282642,8 +282689,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Asmediatechnologyinc_Asmiosys_Asmediapcidriver_E date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L11444-L11463" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L11444-L11463" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "e4658d93544f69f5cb9aa6d9fec420fecc8750cb57e1e9798da38c139d44f2eb" logic_hash = "93c9c472f0664eabf5aeba70babe66f974fd79eaf37b65987c396e35faea4d4b" score = 40 @@ -282672,8 +282719,8 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Aswarpotsys_Avastantivirus_4DA0 : date = "2024-08-07" modified = "2024-08-07" reference = "https://github.com/magicsword-io/LOLDrivers" - source_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/detections/yara/yara-rules_vuln_drivers_strict.yar#L11466-L11485" - license_url = "https://github.com/magicsword-io/LOLDrivers//blob/e00ea6e5c7fc6c2941e9819d98b719e769ec98b8/LICENSE" + source_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/detections/yara/yara-rules_vuln_drivers_strict.yar#L11466-L11485" + license_url = "https://github.com/magicsword-io/LOLDrivers//blob/ea9d25b98a805e28980388282fa9e489e30b8d74/LICENSE" hash = "4da08c0681fbe028b60a1eaf5cb8890bd3eba4d0e6a8b976495ddcd315e147ba" logic_hash = "c8f2c5a171d1a7192a2eaeae0ab70ce97956b93e68db7a41265e54480bd582f1" score = 40 
@@ -282697,7 +282744,7 @@ rule LOLDRIVERS_PUA_VULN_Driver_Avastsoftware_Aswarpotsys_Avastantivirus_4DA0 : * YARA Rule Set * Repository Name: SEKOIA * Repository: https://github.com/SEKOIA-IO/Community - * Retrieval Date: 2025-01-26 + * Retrieval Date: 2025-02-02 * Git Commit: 834366aa118f4e231f6f835e1dd479dab29dc599 * Number of Rules: 746 * Skipped: 0 (age), 3 (quality), 0 (score), 0 (importance) @@ -282893,8 +282940,8 @@ rule SEKOIA_Apt_Konni : FILE condition: uint16be( 0 ) == 0x4d5a and filesize < 3MB and 3 of ( $ext_* ) and all of ( $offset_structure_* ) and $url } -import "pe" import "hash" +import "pe" rule SEKOIA_Downloader_Win_Andarloader : FILE { @@ -284325,8 +284372,8 @@ rule SEKOIA_Bot_Lin_Enemybot_April22 : FILE condition: ( uint32( 0 ) == 0x464c457f or uint32( 0 ) == 0xfeedfacf ) and ( 4 of ( $cmd* ) or 2 of ( $str* ) ) } -import "pe" import "hash" +import "pe" rule SEKOIA_Backdoor_Win_Nukesped_Andariel { @@ -284422,8 +284469,8 @@ rule SEKOIA_Apt_Gamaredon_Doc_External_Template : FILE condition: uint32be( 0 ) == 0xd0cf11e0 and filesize < 100KB and all of them } -import "pe" import "hash" +import "pe" rule SEKOIA_Loader_Win_Stealthvector : FILE { @@ -284547,8 +284594,8 @@ rule SEKOIA_Tool_Webshell_B374K_Strings : FILE condition: 2 of them and filesize < 1MB } -import "pe" import "hash" +import "pe" rule SEKOIA_Backdoor_Win_Kimsuky : FILE { @@ -285242,8 +285289,8 @@ rule SEKOIA_Apt_Mustangpanda_Malicious_Lnk_Worm : FILE condition: uint32be( 0 ) == 0x4C000000 and 1 of them } -import "pe" import "hash" +import "pe" rule SEKOIA_Wiper_Win_Caddywiper : FILE { @@ -285760,8 +285807,8 @@ rule SEKOIA_Infostealer_Win_Mars_Stealer : FILE condition: uint16( 0 ) == 0x5A4D and ( #dec > 400 and 12 of ( $api* ) and $str0 ) or for any i in ( 0 .. pe.number_of_sections -1 ) : ( pe.sections [ i ] . name == "LLCPPC" and pe.sections [ i ] . raw_data_size < 5000 ) } -import "pe" import "hash" +import "pe" rule SEKOIA_Tool_Win_Blackfly_Proxy_Config : FILE { 
@@ -286169,8 +286216,8 @@ rule SEKOIA_Botnet_Lin_Tsunami : FILE condition: uint32( 0 ) == 0x464c457f and #n > 40 and #t > 3 and 3 of ( $s* ) } -import "pe" import "hash" +import "pe" rule SEKOIA_Apt_Darkpink_Loader_Decryptionroutine : FILE { @@ -286312,8 +286359,8 @@ rule SEKOIA_Ursnif_Ldr4 condition: true and 5 of them } -import "pe" import "hash" +import "pe" rule SEKOIA_Wiper_Win_Ruransom : FILE { @@ -286429,8 +286476,8 @@ rule SEKOIA_Rat_Darkvision_String : FILE condition: uint16be( 0 ) == 0x4d5a and 2 of them } -import "pe" import "hash" +import "pe" rule SEKOIA_Reverseshell_Win_1St_Troy : FILE { @@ -287024,8 +287071,8 @@ rule SEKOIA_Hacktool_Ntdsdumpex_Strings : FILE condition: uint16be( 0 ) == 0x4d5a and filesize < 200KB and 3 of them } -import "pe" import "hash" +import "pe" rule SEKOIA_Backdoor_Win_Ketrum2 { @@ -287507,8 +287554,8 @@ rule SEKOIA_Apt_Apt28_Wayzgoose_Exploit_String : FILE condition: uint16be( 0 ) == 0x4d5a and 4 of them and filesize < 500KB } -import "pe" import "hash" +import "pe" rule SEKOIA_Installer_Win_Minibus : FILE { @@ -288157,8 +288204,8 @@ rule SEKOIA_Generic_Sharpshooter_Payload_7 : FILE condition: all of them and filesize < 2MB } -import "pe" import "hash" +import "pe" rule SEKOIA_Implant_Win_Graphiron_Downloader : FILE { @@ -288235,8 +288282,8 @@ rule SEKOIA_Guloader_Unpacker : FILE condition: $p1 in ( filesize -30000 .. filesize ) and $p2 in ( filesize -30000 .. filesize ) and $p3 in ( filesize -30000 .. filesize ) and filesize > 300KB } -import "elf" import "hash" +import "elf" rule SEKOIA_Merlin_Linux_Elf : FILE { @@ -289100,8 +289147,8 @@ rule SEKOIA_Apt_Susp_Apt28_Uac0063_Hatvibe condition: 3 of them } -import "pe" import "hash" +import "pe" rule SEKOIA_Downloader_Win_Fake_Tor_Browser { 
@@ -289154,8 +289201,8 @@ rule SEKOIA_Backdoor_Mul_Supershell_Client : FILE condition: ( uint32be( 0 ) == 0x7f454c46 or uint16be( 0 ) == 0x4d5a ) and all of them } -import "pe" import "hash" +import "pe" rule SEKOIA_Backdoor_Win_Minibike : FILE { @@ -289187,8 +289234,8 @@ rule SEKOIA_Backdoor_Win_Minibike : FILE condition: uint16( 0 ) == 0x5A4D and all of them or pe.imphash ( ) == "75a9ae7d4394abdc30e2a873908fa09d" or hash.md5 ( pe.rich_signature.clear_data ) == "06b2ec5892ac9ad566693b04cf427f3f" or for any i in ( 0 .. pe.number_of_sections -1 ) : ( hash.md5 ( pe.sections [ i ] . raw_data_offset , pe.sections [ i ] . raw_data_size ) == "612006b6f68cd0b8b0d48252dbdef4be" ) } -import "pe" import "hash" +import "pe" rule SEKOIA_Loader_Win_Jennlog { @@ -290408,8 +290455,8 @@ rule SEKOIA_Apt_Sandworm_Olympicdestroyer : FILE condition: uint16be( 0 ) == 0x4d5a and 3 of them } -import "pe" import "hash" +import "pe" rule SEKOIA_Loader_Win_Dodgebox { @@ -291179,8 +291226,8 @@ rule SEKOIA_Tool_Exploit_Badpotato_Strings : FILE condition: uint16be( 0 ) == 0x4d5a and filesize < 1MB and 5 of them } -import "pe" import "hash" +import "pe" rule SEKOIA_Rat_Win_Ninerat { @@ -291293,8 +291340,8 @@ rule SEKOIA_Apt_Mustangpanda_Payload : FILE condition: filesize < 8MB and all of them } -import "pe" import "hash" +import "pe" rule SEKOIA_Backoor_Win_Gobear { @@ -291459,8 +291506,8 @@ rule SEKOIA_Latrodectus_Br4_Js_Dropper condition: all of them } -import "elf" import "hash" +import "elf" rule SEKOIA_Rootkit_Lin_Winnti : FILE { @@ -291596,8 +291643,8 @@ rule SEKOIA_Tool_Win_Sharpshares : FILE condition: uint16( 0 ) == 0x5A4D and 6 of them } -import "pe" import "hash" +import "pe" rule SEKOIA_Backdoor_Win_Mgbot_Main { @@ -292781,8 +292828,8 @@ rule SEKOIA_Generic_Sharpshooter_Payload_6 : FILE condition: 3 of them and filesize < 2MB } -import "pe" import "hash" +import "pe" rule SEKOIA_Launcher_Win_Mistcloak : FILE { 
@@ -293394,8 +293441,8 @@ rule SEKOIA_Infostealer_Win_Cinoshistealer : FILE condition: uint16( 0 ) == 0x5a4d and 9 of them and filesize > 400KB } -import "pe" import "hash" +import "pe" rule SEKOIA_Backdoor_Win_Andardoor : FILE { @@ -293812,8 +293859,8 @@ rule SEKOIA_Infostealer_Win_Phoenixwave : FILE condition: uint16( 0 ) == 0x5A4D and 7 of ( $str* ) and 8 of ( $app* ) } -import "pe" import "hash" +import "pe" rule SEKOIA_Backdoor_Win_Blackrat : FILE { @@ -293870,8 +293917,8 @@ rule SEKOIA_Apt_Kimsuky_Sharptongue_Strings : FILE condition: $s2 in ( @s1 .. @s1 + 200 ) or $s2 in ( @s4 .. @s4 + 200 ) or $s3 and filesize < 500KB } -import "pe" import "hash" +import "pe" rule SEKOIA_Backdoor_Win_Minibus : FILE { @@ -294214,8 +294261,8 @@ rule SEKOIA_Infostealer_Win_Nekostealer : FILE condition: uint16( 0 ) == 0x5A4D and ( #nek > 10 or all of ( $str* ) ) } -import "pe" import "hash" +import "pe" rule SEKOIA_Wiper_Win_Isaacwiper { @@ -295391,8 +295438,8 @@ rule SEKOIA_Apt_Andariel_Siennablue : FILE condition: ( uint32be( 0 ) == 0x7f454c46 or uint16be( 0 ) == 0x4d5a ) and filesize > 4MB and filesize < 15MB and all of them } -import "pe" import "hash" +import "pe" rule SEKOIA_Apt_Windows_Wip19_Screencap : FILE { @@ -295564,8 +295611,8 @@ rule SEKOIA_Darkriver_Encodedurl : FILE condition: filesize < 500KB and any of ( $s* ) and $header at 0 } -import "pe" import "hash" +import "pe" rule SEKOIA_Dropper_Win_Ninerat { @@ -295957,8 +296004,8 @@ rule SEKOIA_Platypus_Winlinmac_Strings : FILE condition: uint32( 0 ) == 0x464c457f and 4 of ( $pl* ) and 1 of ( $f* ) and #go > 30 } -import "pe" import "hash" +import "pe" rule SEKOIA_Implant_Win_Incontroller : FILE { @@ -296112,8 +296159,8 @@ rule SEKOIA_Infostealer_Win_Grmsk_Strings : FILE condition: uint16( 0 ) == 0x5A4D and 10 of ( $str* ) } -import "pe" import "hash" +import "pe" rule SEKOIA_Backdoor_Win_Sidewinder_Cobaltstrike_2022_09 { 
@@ -296802,8 +296849,8 @@ rule SEKOIA_Loader_Win_Konni_Bat : FILE condition: 3 of them and filesize < 3KB } -import "pe" import "hash" +import "pe" rule SEKOIA_Backdoor_Win_Headertip : FILE { @@ -296975,8 +297022,8 @@ rule SEKOIA_Ransomware_Linux_Icefire_2023 : FILE condition: uint32be( 0 ) == 0x7F454C46 and all of them } -import "pe" import "hash" +import "pe" rule SEKOIA_Loader_Win_Abcloader : FILE { @@ -297066,8 +297113,8 @@ rule SEKOIA_Exploit_Linux_Eop_Ubuntu_Overlayfs_Local_Privesc_Strings : FILE condition: uint32be( 0 ) == 0x7f454c46 and filesize < 1MB and all of them } -import "pe" import "hash" +import "pe" rule SEKOIA_Wiper_Win_Dnwipe : FILE { @@ -297435,8 +297482,8 @@ rule SEKOIA_Apt_Agent_Racoon_Strings : FILE condition: uint16be( 0 ) == 0x4d5a and filesize < 1MB and all of them } -import "pe" import "hash" +import "pe" rule SEKOIA_Implant_Win_Mysterysnail : FILE { @@ -298423,8 +298470,8 @@ rule SEKOIA_Apt_Apt35_Iisraid_Strings : FILE condition: uint16be( 0 ) == 0x4d5a and filesize < 500KB and all of them } -import "elf" import "hash" +import "elf" rule SEKOIA_Ransomware_Lin_Avoslocker_Sections : FILE { @@ -298957,8 +299004,8 @@ rule SEKOIA_Win_Infostealer_Serpent_Strings : FILE condition: ( uint16be( 0 ) == 0x4d5a ) and filesize < 100KB and 5 of them } -import "pe" import "hash" +import "pe" rule SEKOIA_Downloader_Win_Apt33_Tickler : FILE { @@ -299032,8 +299079,8 @@ rule SEKOIA_Apt_Badmagic_Modules condition: pe.DLL and pe.exports ( "Start" ) and pe.exports ( "Stop" ) and pe.exports ( "Whoami" ) and pe.exports ( "GetResult" ) and pe.exports ( "GetSettings" ) } -import "pe" import "hash" +import "pe" rule SEKOIA_Implant_Win_Apt29_2022_10 { @@ -299090,8 +299137,8 @@ rule SEKOIA_Tool_Win_Lightrail : FILE condition: uint16be( 0 ) == 0x4d5a and 1 of ( $s* ) and $azure } -import "pe" import "hash" +import "pe" rule SEKOIA_Ransomware_Win_Eking_Rich_Header { 
@@ -299524,8 +299571,8 @@ rule SEKOIA_Tool_Gsocket_Strings : FILE condition: ( uint32be( 0 ) == 0x7f454c46 or uint16be( 0 ) == 0x4d5a or uint32be( 0 ) == 0xfeedface or uint32be( 0 ) == 0xcffaedfe or uint32be( 0 ) == 0xcafebabe ) and filesize > 2MB and filesize < 6MB and 2 of them } -import "pe" import "hash" +import "pe" rule SEKOIA_Apt_Apt33_Tickler : FILE { @@ -300040,8 +300087,8 @@ rule SEKOIA_Apt_Qnapworm_Loader_May2022 : FILE condition: uint16be( 0 ) == 0x4d5a and all of ( $s* ) } -import "pe" import "hash" +import "pe" rule SEKOIA_Implant_Win_Lyceum : FILE { @@ -301401,8 +301448,8 @@ rule SEKOIA_Apt_Konni_Check_Bat : FILE condition: filesize < 1MB and 7 of them } -import "pe" import "hash" +import "pe" rule SEKOIA_Apt_Mustang_Panda_Toneins : FILE { @@ -301907,8 +301954,8 @@ rule SEKOIA_Apt_Mustangpanda_Zpakage : FILE condition: ( uint32be( 0 ) == 0x7f454c46 or uint16be( 0 ) == 0x4d5a ) and filesize < 1MB and filesize < 11MB and #chunk_1 > 20 } -import "pe" import "hash" +import "pe" rule SEKOIA_Loader_Win_Ninerat { @@ -302083,8 +302130,8 @@ rule SEKOIA_Apt_Kimsuky_Validator_Strings : FILE condition: uint16be( 0 ) == 0x4d5a and all of them } -import "pe" import "hash" +import "pe" rule SEKOIA_Backdoor_Win_Winordll64 { 
@@ -302107,8 +302154,8 @@ rule SEKOIA_Backdoor_Win_Winordll64 condition: hash.md5( pe.rich_signature.clear_data ) == "d16713cbfe04151b3a9e832c8afd55df" or for any i in ( 0 .. pe.number_of_sections -1 ) : ( hash.md5 ( pe.sections [ i ] . raw_data_offset , pe.sections [ i ] . raw_data_size ) == "3f638774c2565594029fb52ceb67db7a" or hash.md5 ( pe.sections [ i ] . raw_data_offset , pe.sections [ i ] . raw_data_size ) == "f9416bfb43b2c70837927e43e7591a2a" or hash.md5 ( pe.sections [ i ] . raw_data_offset , pe.sections [ i ] . raw_data_size ) == "6eede2cebaef39eec5bd1c24c809e3dc" or hash.md5 ( pe.sections [ i ] . raw_data_offset , pe.sections [ i ] . raw_data_size ) == "1177658fb0469cd5982102c9f3cd2eea" or hash.md5 ( pe.sections [ i ] . raw_data_offset , pe.sections [ i ] . raw_data_size ) == "658d877d1bf0d2928b2c3efec9ec06cf" ) or pe.imphash ( ) == "d6b6f8cdffb06f469e06c7af9639897c" } -import "pe" import "hash" +import "pe" rule SEKOIA_Loader_Win_Revil_Loader { @@ -302144,8 +302191,8 @@ rule SEKOIA_Loader_Win_Revil_Loader condition: all of ( $dropped_name* ) and #crypto > 100 and for any i in ( 0 .. pe.number_of_resources -1 ) : ( hash.sha256 ( pe.resources [ i ] . offset , pe.resources [ i ] . length ) == "33bc14d231a4afaa18f06513766d5f69d8b88f1e697cd127d24fb4b72ad44c7a" ) } -import "pe" import "hash" +import "pe" rule SEKOIA_Apt_Mustang_Panda_Toneshell : FILE { @@ -302353,8 +302400,8 @@ rule SEKOIA_Apt_Luckymouse_Compromised_Electronapp : FILE condition: $s at 0 and filesize < 100KB } -import "pe" import "hash" +import "pe" rule SEKOIA_Launcher_Win_Bluehaze : FILE { @@ -303319,8 +303366,8 @@ rule SEKOIA_Generic_Sharpshooter_Payload_10 : FILE condition: all of them and filesize < 2MB } -import "pe" import "hash" +import "pe" rule SEKOIA_Rat_Win_Romcom_Payload { @@ -304799,8 +304846,8 @@ rule SEKOIA_Apt_Apt37_Malicious_Hta_File : FILE condition: $s1 at 0 and all of them and filesize < 1MB } -import "pe" import "hash" +import "pe" rule SEKOIA_Merlin_Win_Exe : FILE { 
@@ -304829,8 +304876,8 @@ rule SEKOIA_Merlin_Win_Exe : FILE condition: uint16( 0 ) == 0x5A4D and for any i in ( 0 .. pe.number_of_sections -1 ) : ( hash.md5 ( pe.sections [ i ] . raw_data_offset , pe.sections [ i ] . raw_data_size ) == "07b5472d347d42780469fb2654b7fc54" ) and all of them and $s1 at 591 and filesize < 15MB } -import "pe" import "hash" +import "pe" rule SEKOIA_Wiper_Win_Nominatus_Toxicbattery : FILE { @@ -304868,8 +304915,8 @@ rule SEKOIA_Wiper_Win_Nominatus_Toxicbattery : FILE condition: uint16( 0 ) == 0x5A4D and 10 of them or for any i in ( 0 .. pe.number_of_sections -1 ) : ( hash.md5 ( pe.sections [ i ] . raw_data_offset , pe.sections [ i ] . raw_data_size ) == "e7f35c173c34b7080d437a90ec90a982" or hash.md5 ( pe.sections [ i ] . raw_data_offset , pe.sections [ i ] . raw_data_size ) == "2e25c5d3baba182f008a5a15c6f06403" ) or for any i in ( 0 .. pe.number_of_resources -1 ) : ( hash.sha256 ( pe.resources [ i ] . offset , pe.resources [ i ] . length ) == "70b1c002e4c0c9782c7ce1ef4a13c58ec1da54a26fd06dd7821a71f29431da82" ) } -import "pe" import "hash" +import "pe" rule SEKOIA_Ransomware_Win_Blackmatter { @@ -304945,8 +304992,8 @@ rule SEKOIA_Apt_Sidecopy_Actionrat_Packer_Strings : FILE condition: uint16be( 0 ) == 0x4d5a and filesize < 1MB and all of them } -import "pe" import "hash" +import "pe" rule SEKOIA_Merlin_Win_Dll : FILE { @@ -305250,8 +305297,8 @@ rule SEKOIA_Apt_Ta410_Flowcloud_Rtti : FILE condition: uint16( 0 ) == 0x5A4D and filesize < 10MB and all of them } -import "pe" import "hash" +import "pe" rule SEKOIA_Icebot_Exported_Function : FILE { @@ -305342,8 +305389,8 @@ rule SEKOIA_Infostealer_Win_Titan : FILE condition: uint16( 0 ) == 0x5A4D and 5 of them } -import "pe" import "hash" +import "pe" rule SEKOIA_Implant_Win_Magicrat : FILE { 
@@ -305845,7 +305892,7 @@ rule SEKOIA_Apt_Sandworm_Caddywiper_Stacked_Strings : FILE * YARA Rule Set * Repository Name: Signature Base * Repository: https://github.com/Neo23x0/signature-base - * Retrieval Date: 2025-01-26 + * Retrieval Date: 2025-02-02 * Git Commit: 1d926845269a3ac8de0431da133950390b5cced3 * Number of Rules: 4305 * Skipped: 0 (age), 6 (quality), 4 (score), 0 (importance) @@ -327298,7 +327345,7 @@ rule SIGNATURE_BASE_TA17_293A_Energetic_Bear_Api_Hashing_Tool : FILE description = "Energetic Bear API Hashing Tool" author = "CERT RE Team" id = "4e58800a-9618-5d8b-954c-e843be6002c2" - date = "2025-02-26" + date = "2025-02-02" modified = "2023-12-05" reference = "https://github.com/Neo23x0/signature-base" source_url = "https://github.com/Neo23x0/signature-base/blob/1d926845269a3ac8de0431da133950390b5cced3/yara/apt_ta17_293A.yar#L77-L93" @@ -335918,8 +335965,8 @@ rule SIGNATURE_BASE_PLEAD_Downloader_Jun18_1 : FILE condition: uint16( 0 ) == 0x5a4d and filesize < 200KB and ( all of ( $s* ) or ( 2 of ( $s* ) and 1 of ( $a* ) ) ) } -import "pe" import "math" +import "pe" rule SIGNATURE_BASE_Susp_File_Enumerator_With_Encrypted_Resource_101 : FILE { @@ -390002,8 +390049,8 @@ rule SIGNATURE_BASE_Apt_Projectsauron_Pipe_Backdoor : FILE condition: uint16( 0 ) == 0x5A4D and ( all of ( $a* ) ) and filesize < 100000 } -import "pe" import "math" +import "pe" rule SIGNATURE_BASE_Apt_Projectsauron_Encrypted_LSA : FILE { @@ -390034,8 +390081,8 @@ rule SIGNATURE_BASE_Apt_Projectsauron_Encrypted_LSA : FILE condition: uint16( 0 ) == 0x5A4D and ( any of ( $a* ) or ( pe.exports ( "InitializeChangeNotify" ) and pe.exports ( "PasswordChangeNotify" ) and math.entropy ( 0x400 , filesize ) >= 7.5 ) ) and filesize < 1000000 } -import "pe" import "math" +import "pe" rule SIGNATURE_BASE_Apt_Projectsauron_Encrypted_SSPI : FILE {