Hello! Excuse the novice question, to anyone out there- Thanks!
Why does some malware require a series of YARA rules, such as URSNIF? The rules in order, can be found at: https://gist.github.com/root9b/24b9b25f3b0b06a6939881e68d0bd2d0 1.PoSlurp 2.PowerSniff 3.ShellTea 4.PowerSniff 5.ShellTea 6.PoSlurp -- You received this message because you are subscribed to the Google Groups "YARA" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
