DefenderYara/Exploit/WinNT/CVE-2012-0507/Exploit_WinNT_CVE-2012-0507...


rule Exploit_WinNT_CVE-2012-0507_AY{
	meta:
		description = "Exploit:WinNT/CVE-2012-0507.AY,SIGNATURE_TYPE_JAVAHSTR_EXT,01 00 01 00 01 00 00 "
		
	strings :
		$a_00_0 = {51 45 0d 7b 17 40 44 14 3c 15 1a 6a 0d 3a 1b 5d 48 2b 30 10 51 59 1c 3b 15 51 6a 0b 27 17 4d } //1
	condition:
		((#a_00_0  & 1)*1) >=1
 
}
init 2024-02-05 06:12:47 -08:00
			`rule Exploit_WinNT_CVE-2012-0507_AY{`
			`meta:`
fix condition 2024-07-06 23:13:08 -07:00			`description = "Exploit:WinNT/CVE-2012-0507.AY,SIGNATURE_TYPE_JAVAHSTR_EXT,01 00 01 00 01 00 00 "`
init 2024-02-05 06:12:47 -08:00
			`strings :`
fix condition 2024-07-06 23:13:08 -07:00			`$a_00_0 = {51 45 0d 7b 17 40 44 14 3c 15 1a 6a 0d 3a 1b 5d 48 2b 30 10 51 59 1c 3b 15 51 6a 0b 27 17 4d } //1`
init 2024-02-05 06:12:47 -08:00			`condition:`
fix condition 2024-07-06 23:13:08 -07:00			`((#a_00_0 & 1)*1) >=1`
init 2024-02-05 06:12:47 -08:00
			`}`