Closed trinity-jbrown closed 1 year ago
Adding YARA rule that detects unsigned PE files with overlays that are a large percentage of the total filesize and have an entropy of less than 1.
Adding YARA rule that detects unsigned PE files with overlays that are a large percentage of the total filesize and have an entropy of less than 1.