Release: malwatch signatures 1.1.0

13 September 2025 Roscoe Skeens


new

  • epx_php_addr_mask_0
  • epx_php_heap_groom_0
  • bd_php_rce_bticks_0
  • bd_php_rce_cback_sglobal_0
  • ioc_php_artifact_sys_cfg_0
  • ioc_php_dropper_small_upload_0

This release introduces a new exp family, the starting point for representing exploit frameworks that use more advanced techniques such as manipulating memory. There is now also clearer bd classification, with an rce category added.

Two new ioc categories have been added, dropper and artifact. The artifact category represents suspicious constants such as private system paths.

Users will automatically receive these updates. Keep submitting samples for our analysis ❤️

Further information is available at the GitHub release or project page.