Skip to content

/WireLurkerDetector

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Script for detecting the WireLurker malware family on Mac OS X

  1. Python 100%
Python
branch: master
WireLurkerDetector /

add how to clean

latest commit 59ea523aa0
Claud Xiao authored
.gitignore Initial commit
HOWTO-Windows.md add how to clean
LICENSE v1 first commit
README.md Add document for Windows variant
WireLurkerDetectorOSX.py Add ~/Applications as a scanning target
decryptor.py v1 first commit

README.md

WireLurker Detector

Description

This project provides script and/or tool to detect the WireLurker malware family found by Palo Alto Networks in Nov 2014.

For details of the WireLurker:

Usage for OS X users

  1. Open the Terminal application in your OS X system;

  2. Execute this command to download the script:

    curl -O https://raw.githubusercontent.com/PaloAltoNetworks-BD/WireLurkerDetector/master/WireLurkerDetectorOSX.py

  3. Run the script in the Terminal:

    python WireLurkerDetectorOSX.py
  4. Read the output messages and detection result.

For Windows users

We described how to technically detect the Windows variant of WireLurker in this document: HOWTO-Windows.md . Please take a look at it if you would like to contribute on it.

Issues

For any issue on the code and its result, please create a issue here: https://github.com/PaloAltoNetworks-BD/WireLurkerDetector/issues

Something went wrong with that request. Please try again.