VTYara - Githubissues

VirusTotal / yara

The pattern matching swiss knife

https://virustotal.github.io/yara/

BSD 3-Clause "New" or "Revised" License

8.08k stars 1.43k forks source link

VTYara #1950

Closed dh-orko closed 1 year ago

dh-orko commented 1 year ago

Duplicate of #rule silent_banker : banker { meta: description = "This is just an example" thread_level = 3 in_the_wild = true

strings:
    $a = {6A 40 68 00 30 00 00 6A 14 8D 91}
    $b = {8D 4D B0 2B C1 83 C0 27 99 6A 4E 59 F7 F9}
    $c = "UVODFRYSIHLNWPEJXQZAKCBGMT"

condition:
    $a or $b or $c

}

dh-orko commented 1 year ago

strings: $a = {6A 40 68 00 30 00 00 6A 14 8D 91} $b = {8D 4D B0 2B C1 83 C0 27 99 6A 4E 59 F7 F9} $c = "UVODFRYSIHLNWPEJXQZAKCBGMT"

condition: $a or $b or $c