MODULE 11
Hunting Malware (YARA)
Writing YARA rules to scan files and memory for malware families.
YARA Rules
YARA identifies malware by matching patterns: a rule declares the strings to look for and a condition that decides when the rule matches.
rule Cobalt_Strike {
    strings:
        // Text string to search for in the scanned data
        $s1 = "beacon.dll"
    condition:
        // The rule matches when $s1 is found anywhere
        $s1
}
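The rule above matches only the exact-case, single-byte form of the string, and it matches any file that contains it, including logs or reports that merely mention the name. The following is an added example, not part of the original course material, showing a file-scan variant and a memory-scan variant of the same rule; the rule names and meta text are hypothetical, and only the string "beacon.dll" comes from the page.

```yara
// Added example. Rule names and descriptions are hypothetical;
// the only indicator used is the page's own string "beacon.dll".

// File-scan variant: require a PE header so that text files that
// merely mention the name do not match.
rule Cobalt_Strike_BeaconName_File
{
    meta:
        description = "beacon.dll name inside a PE file (constructed example)"
    strings:
        // ascii  = single-byte form
        // wide   = UTF-16LE form, as stored in many Windows binaries
        // nocase = any letter casing, e.g. BEACON.DLL
        $s1 = "beacon.dll" ascii wide nocase
    condition:
        uint16(0) == 0x5A4D   // "MZ" at file offset 0
        and $s1
}

// Memory-scan variant: when the target is a process, offsets are
// virtual addresses, so the uint16(0) header check above does not
// hold. Match on the string alone and triage hits by process.
rule Cobalt_Strike_BeaconName_Memory
{
    meta:
        description = "beacon.dll name in process memory (constructed example)"
    strings:
        $s1 = "beacon.dll" ascii wide nocase
    condition:
        $s1
}
```

The yara command-line tool takes the rules file followed by a target, which can be a file, a directory, or a process ID, so the same rules file serves both the file and the memory scan.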