
Rule Info
Name: APT_MuddyWater_MalDoc_Feb20_1
Author: Florian Roth
Description: Detects weaponized Office documents used by MuddyWater
Score: 75
Reference: Internal Research
Date: 2020-02-13
Minimum Yara: 1.7
Rule Hash: 7929376ad2ff686c017bd92fa2e2daa8
Tags: ['APT', 'OFFICE', 'FILE', 'T1566_001', 'T1203', 'G0069']
Required Modules: []
VirusTotal Matches
Antivirus Verdicts
Rating | Number of Samples
Malicious (>= 10 engines) | 29
Suspicious (< 10 engines) | 5
Clean (0 engines) | 1
Rule Matches
Timestamp | Positives | Total | Hash | VT