MalwareBazaar Database
This page shows some basic information the YARA rule SUSP_AnyDesk_Compromised_Certificate_Jan24_3 including corresponding malware samples.
Database Entry
| YARA Rule: | SUSP_AnyDesk_Compromised_Certificate_Jan24_3 |
|---|---|
| Author: | Florian Roth |
| Description: | Detects binaries signed with a compromised signing certificate of AnyDesk after it was revoked (philandro Software GmbH, 0DBF152DEAF0B981A8A938D53F769DB8; version that uses dates for validation) |
| Firstseen: | 2024-02-20 07:07:15 UTC |
| Lastseen: | 2024-08-09 06:55:41 UTC |
| Sightings: | 6 |
Malware Samples
The table below shows all malware samples that matching this particular YARA rule (max 1000).
| Firstseen (UTC) | SHA256 hash | Tags | Signature | Reporter |
|---|