Neo23x0 / signature-base

YARA signature and IOC database for my scanners and tools
Other
2.47k stars 604 forks source link

Update expl_outlook_cve_2023_23397.yar #248

Closed ruppde closed 1 year ago

ruppde commented 1 year ago

allow matching on ascii and wide UNC path for both file types to match e.g. e7a1391dd53f349094c1235760ed0642519fd87baf740839817d47488b9aef02

ruppde commented 1 year ago

shouldn't increase FP as it's still looking for a UNC with full IP