stamparm / maltrail

Malicious traffic detection system
MIT License

[Feature Request] Improvement for PHP-inj detection (TellYouThePass Ransomware) #19262

Closed MikhailKasimov closed 3 months ago

MikhailKasimov commented 3 months ago

Ref:

[1] https://x.com/karol_paciorek/status/1801206196302475615
[2] https://www.virustotal.com/gui/file/61644d571470050d747c81350fcb6cc181f7b7e8d27377d8df3661bdf8a4664c/behavior

Fix/improvement: https://github.com/stamparm/maltrail/commit/57189e57bd7c9d69190fcf1723eb25b6860f6ca0