file_id (msg:"Microsoft Office Open XML Format (OOXML) Document (XLSX)"; file_meta:type XLSX, id 328, category "Office Documents,Dynamic Analysis Capable,Local Malware Analysis Capable", group "office"; file_data; content:"| 50 4B 03 04 |", depth 4, offset 0; content:"| 78 6c 2f |", depth 3, offset 30; gid:4; sid:206; rev:1;)
file_id (msg:"Microsoft Office Open XML Format (OOXML) Document (DOCX, PPTX, XLSX)"; file_meta:type NEW_OFFICE, id 329, category "Office Documents,Dynamic Analysis Capable,Local Malware Analysis Capable", group "office"; file_data; content:"| 50 4B 03 04 |", depth 4, offset 0; content:"| 5b 43 6f 6e 74 65 6e 74 5f 54 79 70 65 73 5d 2e |", depth 16, offset 30; gid:4; sid:207; rev:1;)
file_id (msg:"Microsoft Office Open XML Format (OOXML) Document (DOCX, PPTX, XLSX)"; file_meta:type NEW_OFFICE, id 330, category "Office Documents,Dynamic Analysis Capable,Local Malware Analysis Capable", group "office"; file_data; content:"| 50 4B 03 04 |", depth 4, offset 0; content:"| 5f 72 65 6c 73 2f |", depth 6, offset 30; gid:4; sid:208; rev:1;)
-file_id (msg:"Microsoft Office Open XML Format (OOXML) Document (DOCX, PPTX, XLSX)"; file_meta:type NEW_OFFICE, id 331, category "Office Documents,Dynamic Analysis Capable,Local Malware Analysis Capable", group "office"; file_data; content:"| 50 4B 03 04 |", depth 4, offset 0; content:"| 64 6f 63 50 72 6f 70 73 2f |", depth 9, offset 30; gid:4; sid:209; rev:1;)
\ No newline at end of file
+file_id (msg:"Microsoft Office Open XML Format (OOXML) Document (DOCX, PPTX, XLSX)"; file_meta:type NEW_OFFICE, id 331, category "Office Documents,Dynamic Analysis Capable,Local Malware Analysis Capable", group "office"; file_data; content:"| 50 4B 03 04 |", depth 4, offset 0; content:"| 64 6f 63 50 72 6f 70 73 2f |", depth 9, offset 30; gid:4; sid:209; rev:1;)
+file_id (msg:"Audio Interchange File Format"; file_meta:type AIF, id 345, category "Multimedia"; file_data; content:"| 46 4F 52 40 |", depth 4, offset 0; gid:4; sid:210; rev:1;)
+file_id (msg:"Audio Interchange File Format"; file_meta:type AIF, id 346, category "Multimedia"; file_data; content:"| 41 49 46 46 |", depth 4, offset 8; gid:4; sid:211; rev:1;)
+file_id (msg:"Debian package file"; file_meta:type DEB, id 333, category "System files"; file_data; content:"| 21 3C 61 72 |", depth 4, offset 0; gid:4; sid:212; rev:1;)
+file_id (msg:"Windows Cursor file"; file_meta:type CUR, id 337, category "System files"; file_data; content:"| 00 00 02 00 02 00 30 30 00 00 01 |", depth 11, offset 0; gid:4; sid:216; rev:1;)
+file_id (msg:"Audio Video Interleave"; file_meta:type AVI, id 339, category "Multimedia"; file_data; content:"| 41 56 49 |", depth 3, offset 8; gid:4; sid:218; rev:1;)
+file_id (msg:"Sound file"; file_meta:type SND, id 340, category "Multimedia"; file_data; content:"| 73 6E 64 |", depth 3, offset 1; gid:4; sid:219; rev:1;)
+file_id (msg:"MPEG-4 Audio"; file_meta:type M4A, id 341, category "Multimedia"; file_data; content:"| 4D 34 41 |", depth 3, offset 8; gid:4; sid:220; rev:1;)
+file_id (msg:"Video Object file, audio container in DVD media"; file_meta:type VOB, id 342, category "Multimedia"; file_data; content:"| 00 00 01 BA 44 |", depth 5, offset 0; gid:4; sid:221; rev:1;)
+file_id (msg:"Windows Media Video"; file_meta:type WMV, id 343, category "Multimedia"; file_data; content:"| 30 26 B2 75 |", depth 4, offset 0; gid:4; sid:222; rev:1;)
+file_id (msg:"iTunes video file"; file_meta:type M5V, id 344, category "Multimedia"; file_data; content:"| 4D 34 56 |", depth 3, offset 8; gid:4; sid:223; rev:1;)
+file_id (msg:"Executable script"; file_meta:type UNIX_SCRIPT, id 347, category "Executables"; file_data; content:"| 23 21 2F |", depth 3, offset 0; gid:4; sid:224; rev:1;)
projects / thirdparty / snort3.git / commitdiff
