So does that mean it is a positive for something being detected?

On Tuesday, 11 August 2020 10:41:48 UTC+10, Wesley Shields wrote:
> The format is <rule name> <matching file path>.
>
> In your case, YARA matched two rules on the file c:\Temp\yarfile.yar
>
> -- WXS
>
> On Aug 10, 2020, at 8:33 PM, Michael Fry <[email protected]> wrote:
>
> Hi All,
>
> So I have recently been asked to use Yara to scan some servers for some
> IOCs and I am using the command line version.
>
> The yar file was provided to me.
>
> I am struggling to find anything anywhere that outlines interpreting the
> log file. For example, if I have the below, is this indicating a type of
> scan using a particular yar file? Or is it indicating that it has found
> something?
>
> webshell_embedded_jscript_evaluator c:\\Temp\yarfile.yar
> webshell_jscript_eval c:\\Temp\yarfile.yar
>
> Thanks
> Michael
-- You received this message because you are subscribed to the Google Groups "YARA" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/yara-project/348a4407-a2b3-4d18-853d-2f7da33827dco%40googlegroups.com.
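
Reading the output format described in the thread, as an added example (not code from the thread or from the YARA project): it groups `<rule name> <matching file path>` lines by file and sets aside hits on `.yar`/`.yara` files, since a rules file contains the very strings its own rules search for. The third sample line, the function names and the extension heuristic are assumptions made here; the input is expected to be the stdout of a scan run without flags that change the line format.

```python
import re
from collections import defaultdict

# Constructed sample: the two lines quoted in the thread plus one invented hit
# on a path containing a space.
SAMPLE_OUTPUT = r"""
webshell_embedded_jscript_evaluator c:\\Temp\yarfile.yar
webshell_jscript_eval c:\\Temp\yarfile.yar
webshell_jscript_eval c:\inetpub\wwwroot\my site\upload.aspx
"""

# A rule identifier has no whitespace, so everything after the first run of
# whitespace is the file path (which may itself contain spaces).
LINE_RE = re.compile(r"^([A-Za-z_][A-Za-z0-9_]*)\s+(.+)$")
RULE_FILE_EXT = (".yar", ".yara")  # assumption: rule files use these extensions


def parse_matches(text):
    """Return {file path: [rule names that matched it]} from scan output."""
    hits = defaultdict(list)
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if m is None:
            continue  # blank line or not a "<rule> <path>" line
        rule, path = m.groups()
        if rule not in hits[path]:
            hits[path].append(rule)
    return dict(hits)


def triage(hits):
    """Split hits into (files to review, probable rule-file self-matches)."""
    review, self_match = {}, {}
    for path, rules in hits.items():
        is_rule_file = path.lower().endswith(RULE_FILE_EXT)
        (self_match if is_rule_file else review)[path] = rules
    return review, self_match


if __name__ == "__main__":
    review, self_match = triage(parse_matches(SAMPLE_OUTPUT))
    for label, group in (("REVIEW", review), ("RULE FILE", self_match)):
        for path, rules in group.items():
            print(f"{label}: {path} <- {', '.join(rules)}")
```

Every parsed line is a match, so an empty result means no rule fired on any scanned file.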
