Hi all, I would like to write a Yara 2.0 rule in Chronicle that shows if the target (outbound) ip-address is flagged by VirusTotal and, if so, counts how many times these uniquely malacious ip-addresses have been accessed.
I am currently stuck because I don't know how to use the proper syntax and correlate it to VirusTotal for properly assessing the ip-addresses. Thanks in advance, Kind regards, Brandon -- You received this message because you are subscribed to the Google Groups "YARA" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/yara-project/69e445cc-e34b-4cd7-8e65-5322d0f9d08cn%40googlegroups.com.
