There is no description at this point.
rule wun_unidentified_119_w0 {
    meta:
        author = "defender2yara"
        detection_name = "Backdoor:Win64/Supper.A!ldr"
        threat_id = "2147917250"
        type = "Backdoor"
        platform = "Win64: Windows 64-bit platform"
        family = "Supper"
        severity = "Critical"
        info = "ldr: loader component of a malware"
        signature_type = "SIGNATURE_TYPE_PEHSTR_EXT"
        threshold = "1"
        strings_accuracy = "Low"
        malpedia_reference = "https://malpedia.caad.fkie.fraunhofer.de/details/win.supper"
        malpedia_rule_date = "20250417"
        malpedia_hash = ""
        malpedia_version = "20250417"
        malpedia_license = "CC BY-SA 4.0"
        malpedia_sharing = "TLP:WHITE"
    strings:
        $x_1_1 = {48 8b 04 1f 48 33 45 f0 48 89 04 1e e8 ?? ?? ?? ?? 48 3b 45 e0 0f 83 ?? ?? ?? ?? 48 31 c9 51 48 8d} //weight: 1, accuracy: Low
    condition:
        (filesize < 20MB) and (all of ($x*))
}
rule wun_unidentified_119_w1 {
    meta:
        author = "defender2yara"
        detection_name = "Backdoor:Win64/Supper.B"
        threat_id = "2147920400"
        type = "Backdoor"
        platform = "Win64: Windows 64-bit platform"
        family = "Supper"
        severity = "Critical"
        signature_type = "SIGNATURE_TYPE_PEHSTR_EXT"
        threshold = "1"
        strings_accuracy = "Low"
        malpedia_reference = "https://malpedia.caad.fkie.fraunhofer.de/details/win.supper"
        malpedia_rule_date = "20250417"
        malpedia_hash = ""
        malpedia_version = "20250417"
        malpedia_license = "CC BY-SA 4.0"
        malpedia_sharing = "TLP:WHITE"
    strings:
        $x_1_1 = {66 81 7d 10 ff 3f 0f ?? ?? ?? ?? ?? 0f b7 45 10 48 98 48 8d 14 c5 00 00 00 00 48 8d} //weight: 1, accuracy: Low
        $x_1_2 = {81 7d fc ff 3f 00 00 0f ?? ?? ?? ?? ?? 48 8b 05 5e 3e 02 00 48 85 c0 74 ?? 48 8b 05 52 3e 02 00 48 89 c1 e8} //weight: 1, accuracy: Low
    condition:
        (filesize < 20MB) and (1 of ($x*))
}