Online Courses
Malware Analysis
HomeAPI Penetration Testing CourseMalware AnalysisAPI AuthenticationSSDLCIS Auditing, Controls and AssuranceCyber Incident ResponseSecurity of the PipelineSecurity in the PipelineSecurity in the PipelineContainer SecurityInfrastructure as CodeCCNA 200-301Blockchain SecurityCyber Threat Hunting
Online Courses
Malware Analysis
HomeAPI Penetration Testing CourseMalware AnalysisAPI AuthenticationSSDLCIS Auditing, Controls and AssuranceCyber Incident ResponseSecurity of the PipelineSecurity in the PipelineSecurity in the PipelineContainer SecurityInfrastructure as CodeCCNA 200-301Blockchain SecurityCyber Threat Hunting
  • Malware Analysis Bootcamp
  • What is Malware Analysis ?
  • Setting Up Our Environment
  • Static Analysis
  • File Type Identification
  • Generating Malware Hashes
  • Extracting Strings
  • Packers & Unpacking
  • Understanding The PE Header
    • Analyzing
  • Examining The Resources Section
  • Malware Classification And Identification
    • YARA Rules
Powered by GitBook
On this page
  1. Malware Classification And Identification

YARA Rules

PreviousMalware Classification And Identification

Last updated 1 year ago

rules are used to identify samples based on specific strings or binary data.

Structure of a YARA rule.

rule <rule_name>
{
meta:
    description = "Sample YARA rule"

strings:
    $a = "example"
    $b = "example2"
    
condition:
    ($a and $b)
}
YARA