Wolves Among Us RSA IR PNGRat Technet files.zip

File uploaded by SeffyGHops Employee on May 19, 2015Last modified by SeffyGHops Employee on May 19, 2015
Version 2Show Document
  • View in full screen mode

Parser and a Yara Rule for the executables, which can be used independently or ingested into ECAT that correspond to the Wolves Among Us: Abusing Trusted Providers for Malware Operations  blog post

Additionally, RSA has created a simple Python script for automatically decoding these values that can be leveraged or implemented into other internal projects which is also included in the .zip 

Attachments

Outcomes