Hi,
I'm using Yara with Cortex. I'm not able to understand the reason behind
this error. includes depth exceeded
Invalid output
Traceback (most recent call last):
File "Yara/yara_analyzer.py", line 71, in <module>
YaraAnalyzer().run()
File "Yara/yara_analyzer.py", line 23, in __init__
self.ruleset.append(yara.compile(rulepath))
yara.SyntaxError:
/opt/Cortex-Analyzers/analyzers/Yara/rules/research/APT1_aspnetreport.yar(1480):
includes depth exceeded
rule APT1_aspnetreport
{
meta:
author = "AlienVault Labs"
info = "CommentCrew-threat-apt1"
strings:
$url = "aspnet_client/report.asp" wide ascii
$param = "name=%s&Gender=%c&Random=%04d&SessionKey=%s" wide ascii
condition:
$url and $param and APT1_payloads
}
Any help is appreciated.
Ayed
--
You received this message because you are subscribed to the Google Groups
"YARA" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/yara-project/dbe9083b-f683-4c53-baf9-21949703b4f7%40googlegroups.com.
