[Oisf-users] Ransomware detection

Chris Boley ilgtech75 at gmail.com
Fri Jun 30 01:38:27 UTC 2017


Is this helpful at all?
https://github.com/xNymia/Suricata-Signatures/blob/master/EquationGroup.rules

On Thu, Jun 29, 2017 at 8:42 PM Alexis Fredes Hadad <amfh2408 at gmail.com>
wrote:

> Hello everyone!
> I want to know if there is any rule for ransomware detection in Suricata.
> I know that Suricata is not the most appropriate tool for that kind of
> malware but I was investigating how to do a rule with pcre. Does anyone know if
> a rule exists for that? Or a rule set which contains that? At present I am
> using the free version of Emerging Threats and it has a file of rules for
> malware but I couldn't find anything related to ransomware.
>
> Thanks,
> Alexis
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>