<and>
  <!--
    Rule condition. Read as a conjunction, an event matches when all of the
    following hold:
      * the source file path is not like any of the excluded path patterns,
      * the source file extension is not like the empty string,
      * the current process image name is in the listed set of messaging,
        conferencing and file-sharing clients,
      * the operation type is one of copy, read, paste, move or network upload.
    The add/set elements at the top work on event-scoped variables.
    NOTE(review): they look like assignments with side effects, so the order
    of the children probably matters; confirm against the rule engine
    documentation before reordering anything.
  -->
  <!-- Agent IP: records the agent IP address in event-scoped variables.
       NOTE(review): operand roles are not visible in this file. If the first
       operand of add is the destination, AgentIP receives temp-CustomRuleData
       before agentIPAddress has been added to it; confirm that this order is
       the intended one. -->
  <add asArray="true">
    <varstring name="AgentIP" scope="event"/>
    <varstring name="temp-CustomRuleData" scope="event"/>
  </add>
  <add asArray="false">
    <varstring name="temp-CustomRuleData" scope="event"/>
    <agentIPAddress/>
  </add>
  <!-- Sets temp-CustomRuleData to a single space; presumably a reset of the
       scratch variable after use (confirm). -->
  <set>
    <varstring name="temp-CustomRuleData" scope="event"/>
    <string value=" " preserveCase="true"/>
  </set>
  <!-- Path exclusions: events whose source path is like any pattern below do
       not match this rule. The % characters presumably act as wildcards.
       NOTE(review): the first pattern excludes every path that contains a
       directory named "roaming", which is broad and leaves those locations
       unmonitored by this rule; confirm that another rule covers them or
       narrow the pattern to the specific application cache directories.
       If "like" is case-insensitive the second pattern is already covered
       by the first. -->
  <not>
    <in op = "like" match = "any">
      <evtSrcFilePath />
      <list>
        <string value = "%\roaming\%" />
        <string value = "%\AppData\Roaming\%" />
        <string value = "%\documents\wechat files\%" />
        <string value = "%\program files (x86)\tencent\wechat\chat\filetype\%" />
      </list>
    </in>
  </not>
  <!-- Extension exclusion: the only pattern is the empty string, so this
       presumably drops files that have no extension.
       NOTE(review): verify that like "" matches only an empty value in this
       engine; if it matched every value the rule would never fire. -->
  <not>
    <in op = "like" match = "any">
      <evtSrcFileExt />
      <list>
        <string value = "" />
      </list>
    </in>
  </not>
  <!-- Disabled extension allow-list. While it stays commented out the rule
       applies to every file that has a non-empty extension, not only to the
       document, archive, media and CAD types listed. The list holds both
       "mp4" and "MP4"; if it is re-enabled, check whether matching is
       case-sensitive and normalise the remaining entries accordingly. -->
  <!--
  <in>
    <evtSrcFileExt />
    <list>
      <string value="zip" />
      <string value="ppt" />
      <string value="pptx" />
      <string value="doc" />
      <string value="docx" />
      <string value="xls" />
      <string value="xlsx" />
      <string value="txt" />
      <string value="rar" />
      <string value="mp4" />
      <string value="MP4" />
      <string value="catpart" />
      <string value="CATProduct" />
      <string value="model" />
      <string value="prt" />
      <string value="asm" />
      <string value="drw" />
      <string value="cgr" />
      <string value="catdrawing" />
      <string value="catanalysis" />
      <string value="catfct" />
      <string value="cgm" />
      <string value="jpg" />
      <string value="jpeg" />
      <string value="png" />
      <string value="gif" />
      <string value="pdf" />
      <string value="rtf" />
    </list>
  </in>
  -->
  <!-- Monitored processes, identified by image name only.
       NOTE(review): name-based identification covers only the exact names
       listed, so the list has to follow client updates (for example the
       newer Microsoft Teams client runs as ms-teams.exe, which is not
       listed). Entries mix upper and lower case; confirm that the comparison
       is case-insensitive. If the engine can identify a process by signer or
       hash, that is a sturdier criterion than the file name. -->
  <in>
    <curProcessImageName />
    <list>
      <string value="KakaoTalk.exe" />
      <string value="NateOnMain.exe" />
      <string value="lync.exe" />
      <string value="AutowayMplusService.exe" />
      <string value="Teams.exe" />
      <string value="Squirrel.exe" />
      <string value="Zoom.exe" />
      <string value="BreakOut.exe" />
      <string value="RTX.exe" />
      <string value="wechat.exe" />
      <string value="dingtalklauncher.exe" />
      <string value="dingtalk.exe" />
      <string value="qqsclauncher.exe" />
      <string value="wxwork.exe" />
      <string value="baidunetdisk.exe" />
      <string value="weiyunapp.exe" />
      <string value="wemeetapp.exe" />
      <string value="E-Mobile.exe" />
      <string value="Feishu.exe" />
      <string value="qq.exe" />
    </list>
  </in>

  <!-- Operation types that trigger the rule: file copy, file read, paste,
       file move and network upload. File open and file rename are commented
       out inside the list and therefore do not trigger it. -->
  <in>
    <evtOperationType />
    <list>
      <constOpFileCopy />
      <!--
      <constOpFileOpen />
    <constOpFileRename />
      -->
      <constOpFileRead />
      <constOpAdePaste />
      <constOpFileMove />
      <constOpNetTransferUpload />
    </list>
  </in>

</and>