(YARA) YARA_DebuggerCheck__RemoteAPI

rule DebuggerCheck__RemoteAPI {
    meta:
        description = "Rule to RemoteAPI debugger check"
        author = "Thibault Seret"
        date = "2020-09-26"
    strings:
        $s1 ="CheckRemoteDebuggerPresent"
    condition:
        any of them
}

Associated Techniques

No associated technique found so far.

Matching Samples 10 most recent

Sample Name	Matching Techniques	First Seen	Last Seen
548964a6ea3d573cfae71aa5e2d0...0fc323c6432e96d2ad55b80d.exe	7	2026-03-04	1 week, 2 days ago
TS_4775.tmp	7	2025-12-23	2 months, 2 weeks ago
DgtAutoTTSMM.exe	3	2025-10-20	4 months, 3 weeks ago
aTikTok.exe	4	2025-06-15	8 months, 3 weeks ago
SEZCheat.exe	4	2025-06-15	8 months, 3 weeks ago
RuntimeBroker.exe	11	2025-06-05	9 months, 1 week ago
5.exe	9	2025-05-30	9 months, 1 week ago
q.apk.exe	8	2025-05-30	9 months, 1 week ago
DgtAutoTTS.exe	3	2025-05-06	10 months, 1 week ago
noui.exe	8	2025-02-20	1 year ago

View All

Created

June 20, 2022

Last Revised

November 5, 2024