Volatility3 MCP Server
by Kirandawadi
Android_Marcher_2.yar•1.41 kB
rule marcher1
{
meta:
author = "Antonio S. <asanchez@koodous.com>"
source = "https://analyst.koodous.com/rulesets/890"
description = "This rule detects is to detect a type of banking malware"
sample = "33b1a9e4a1591c1a39fdd5295874e365dbde9448098254a938525385498da070"
strings:
$a = "cmVudCYmJg=="
$b = "dXNzZCYmJg=="
condition:
all of them
}
rule marcher2
{
meta:
author = "Antonio S. <asanchez@koodous.com>"
source = "https://analyst.koodous.com/rulesets/890"
strings:
$a = "HDNRQ2gOlm"
$b = "lElvyohc9Y1X+nzVUEjW8W3SbUA"
condition:
all of them
}
rule marcher3
{
meta:
author = "Antonio S. <asanchez@koodous.com>"
source = "https://analyst.koodous.com/rulesets/890"
sample1 = "087710b944c09c3905a5a9c94337a75ad88706587c10c632b78fad52ec8dfcbe"
sample2 = "fa7a9145b8fc32e3ac16fa4a4cf681b2fa5405fc154327f879eaf71dd42595c2"
strings:
$a = "certificado # 73828394"
$b = "A compania TMN informa que o vosso sistema Android tem vulnerabilidade"
condition:
all of them
}
rule marcher_v2
{
meta:
description = "This rule detects a new variant of Marcher"
sample = "27c3b0aaa2be02b4ee2bfb5b26b2b90dbefa020b9accc360232e0288ac34767f"
author = "Antonio S. <asanchez@koodous.com>"
source = "https://analyst.koodous.com/rulesets/1301"
strings:
$a = /assets\/[a-z]{1,12}.datPK/
$b = "mastercard_img"
$c = "visa_verifed"
condition:
all of them
}
Latest Blog Posts
- MCP Moves to the Linux Foundation: Neutral Stewardship for Agentic InfrastructureBy Om-Shree-0709 on .mcpanthropicLinux Foundation
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/Kirandawadi/volatility3-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server