Skip to content

Commit

Permalink
Update image_load_malware_raspberry_robin_side_load_aclui_oleview.yml
Browse files Browse the repository at this point in the history
  • Loading branch information
@nasbench
nasbench committed Aug 1, 2024
1 parent e9ac06b commit d58a042
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions ...24/Malware/Raspberry-Robin/image_load_malware_raspberry_robin_side_load_aclui_oleview.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,8 +26,8 @@ detection:
ImageLoaded|endswith: '\aclui.dll'
filter_main_legit_oleview_paths:
Image|contains:
- 'C:\Program Files (x86)\Windows Kits\'
- 'C:\Program Files\Microsoft SDKs\'
- 'C:\Program Files (x86)\Windows Kits\'
- 'C:\Program Files\Microsoft SDKs\'
filter_optional_known_oleview_paths:
Image|contains: '\Windows Resource Kit\'
filter_main_is_signed:
Expand Down

0 comments on commit d58a042

Please sign in to comment.