Skip to content

dehoisted/Yara-Rules

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits

Extra

Extra

 
 

Malware

Malware

 
 

PEPackers

PEPackers

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

Repository files navigation

Yara-Rules

Useful Yara rules that I made/use

Yara Info

Documentation: https://virustotal.github.io/yara/

Source code: https://github.com/virustotal/yara

Official download/release: https://github.com/virustotal/yara/releases

Usage

Example of using Yara (command line):

yara64 --print-meta --print-strings --print-stats rules\upx.yara apps\app.exe

Personally I use Yara with ImHex (hex editor/viewer) by putting all .yar files in "C:\Program Files\ImHex\yara"

It should look like this when a condition is met (using ImHex):
image

ImHex Info

Documentation: https://github.com/WerWolv/ImHex/wiki/Pattern-Language-Guide

Source code: https://github.com/WerWolv/ImHex

Official download/release: https://github.com/WerWolv/ImHex/releases

About

Useful Yara rules that I made/use.

Topics

malware-analysis yara-rules imhex packer-detection

Resources

Readme

License

GPL-3.0 license
Activity

Stars

4 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases 1

Yara Rules - Organized Latest
Jul 5, 2021

Packages

No packages published

Languages