Hi Shuvo, Welcome to Yara Project. Did you check "Yara.php_malware_hexinject" what it is checking for? Just see the rule and check if you can bypass.
*Cheers,* *--Raghvendra Mishra* *Principle Threat Researcher* *SonicWall Inc.* *Cell:- +91-8867404241* On Tue, Jan 28, 2020 at 1:52 AM Shuvo Vau <[email protected]> wrote: > Im new here. And im also worrying about it. Because when im a php script > file upload in my host, then host provider warn me! And saying > Yara.php_malware_hexinject.UNOFCIAL FOUND. > If it is safe, then how to upload that script file with this malware? > Any way plz? > > -- > You received this message because you are subscribed to the Google Groups > "YARA" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/yara-project/1ad62522-4a77-44f1-95a0-cbb4b887549b%40googlegroups.com > . > -- You received this message because you are subscribed to the Google Groups "YARA" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/yara-project/CACAQ8EAQ0CXyB8MKRa5Jb2obkp8HoWYT_fZrAYRn6tji-jObYA%40mail.gmail.com.
