Please analyze this sample (using both VT and the metadata in the attached text file) and write a YARA

3) Using VirusTotal, please search for the following file hash: 1232366c104bdb6e42b04adb7eff4e08

  • Please analyze this sample (using both VT and the metadata in the attached text file) and write a YARA signature that contains unique strings that is likely to produce true positive results for threat hunting activities
  • Here's an example of a rule template you can use when writing your rule:
    • rule Leafminer { strings: $s1 = "Sorgu.exe" wide ascii $s2 = "https://iqhost.us:3389/" wide ascii condition: any of them }

You are encouraged to perform additional open source research on the topics of YARA and Leafminer as necessary to support your submission. Please provide a list of all external sources (URLs are sufficient) on the last page of your report.