YARA Rules

Last updated 1 year ago

YARA rules are used to identify samples based on specific strings or binary data.

Structure of a YARA rule:

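rule <rule_name>
{
    // Optional metadata; it does not affect matching
    meta:
        description = "Sample YARA rule"

    // Patterns to look for in the sample
    strings:
        $a = "example"
        $b = "example2"

    // Boolean expression that decides whether the rule matches
    condition:
        ($a and $b)
}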
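
An added example (not from the original page) of a rule that matches on both text strings and binary data, following the structure above. The rule name, every string and the byte sequence are constructed placeholders, not indicators from a real sample.

```yara
rule Example_Constructed_Sample
{
    meta:
        description = "Added example: text and hex patterns combined in one condition"

    strings:
        // Text strings (constructed values). "ascii wide" also matches the
        // UTF-16LE form that Windows binaries often store.
        $s_url   = "http://constructed.example/checkin" ascii wide
        // "nocase" ignores letter case when matching
        $s_mutex = "ExampleMutex_0001" nocase

        // Hex string: raw bytes (constructed). "??" matches any single byte.
        $h_marker = { DE AD BE EF ?? ?? 00 01 }

    condition:
        // Only consider files that start with the "MZ" magic of a PE file
        uint16(0) == 0x5A4D and
        // Skip large files to keep scans fast and reduce false positives
        filesize < 2MB and
        // Match if both text strings are present, or the byte pattern is
        (all of ($s_*) or $h_marker)
}
```

Saved as `example.yar`, the rule is run with `yara example.yar <file>`; on a match the tool prints the rule name followed by the file path.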