Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Video: YARA Rules for Office Maldocs - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Video: YARA Rules for Office Maldocs

In this video, I show and explain the YARA rules I covered in diary entries "Extra Tip For Triage Of MALWARE Bazaar's Daily Malware Batches" , "Simple YARA Rules for Office Maldocs" and "YARA Rule for OOXML Maldocs: Less False Positives".

Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com

DidierStevens

652 Posts
ISC Handler
Nov 28th 2021

Sign Up for Free or Log In to start participating in the conversation!