FENRIR 0.5 - Energetic Bear Release
- Prepared to detect the IOC reported by Kaspersky in recent Energetic Bear report
https://securelist.com/energetic-bear-crouching-yeti/85345/
I used pretty specific strings extracted from the WSO shells for the string match detection: