There is no description at this point.
rule win_dragonbreath_w0 { meta: author = "Elastic Security" id = "b27bc56b-41a2-4b3d-bff4-a14b90debe08" fingerprint = "4bc82f64191cf907d7ecf7da5453258c9be60e5dbaff770ebc22d9629bcbc7e2" creation_date = "2024-06-05" last_modified = "2024-06-12" threat_name = "Windows.Trojan.DragonBreath" reference_sample = "45023fd0e694d66c284dfe17f78c624fd7e246a6c36860a0d892d232a30949be" severity = 100 arch_context = "x86" scan_context = "file, memory" license = "Elastic License v2" os = "windows" malpedia_reference = "https://malpedia.caad.fkie.fraunhofer.de/details/win.dragonbreath" malpedia_version = "20251118" malpedia_license = "CC BY-NC-SA 4.0" malpedia_sharing = "TLP:CLEAR" strings: $a1 = { 50 6C 75 67 69 6E 4D 65 } $a2 = { 69 73 41 52 44 6C 6C } $a3 = { 25 64 2D 25 64 2D 25 64 20 25 64 3A 25 64 } condition: all of them }
If your designated proposal does not fit in any other category, feel free to write a free-text in the comment field below. Changes regarding references should be proposed on the Malpedia library page.
Your suggestion will be reviewed before being published. Thank you for contributing!
YYYY-MM-DD
YYYY-MM
YYYY