Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Video: YARA Rules for Office Maldocs - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Video: YARA Rules for Office Maldocs

In this video, I show and explain the YARA rules I covered in diary entries "Extra Tip For Triage Of MALWARE Bazaar's Daily Malware Batches" , "Simple YARA Rules for Office Maldocs" and "YARA Rule for OOXML Maldocs: Less False Positives".

Didier Stevens
Senior handler
Microsoft MVP


652 Posts
ISC Handler
Nov 28th 2021

Sign Up for Free or Log In to start participating in the conversation!