{"group":"ransomhouse","count":1,"rules":[{"rule_name":"ransomhouse.yar","rule_text":"rule RansomHouse {\n\tmeta:\n\t\tdescription = \"rule to detect RansomHouse\"\n\t\tauthor = \"ShadowStackRe.com\"\n\t\tdate = \"2024-02-20\"\n\t\tRule_Version = \"v1\"\n\t\tmalware_type = \"ransomware\"\n\t\tmalware_family = \"RansomHouse\"\n\t\tLicense = \"MIT License, https://opensource.org/license/mit/\"\n\tstrings:\n\t\t$strFileExt = \".emario\"\n\t\t$strRestore = \"How To Restore Your Files.txt\"\n\t\t$strEncrypted = \"/path/to/be/encrypted\"\n\t\t$strCrypted = \"Crypted:\"\n\tcondition:\n\t\tfilesize < 100KB and all of ($str*)\n}","sha256":"2fb0a33e352342c140200c0546613925001f8b8bc2ad7aafe849c4868c112fc0","byte_size":476,"updated_at":"2026-06-24 05:16:04"}]}