Hello, if anyone can understand me, I am using yara_rules.yar with version
4.4.0 downloaded from https://github.com/VirusTotal/yara/releases the
question is: When I analyze the Operating System in which I install it, I
detect that the file that contains the yara rules, yara_rules.yar, is
infected, is this normal??
# clamscan -r /tmp
Loading: 16s, ETA: 0s [========================>] 8.68M/8.68M sigs
Compiling: 3s, ETA: 0s [========================>] 41/41 tasks
/tmp/yara/rules/yara_rules.yar: Legacy.Trojan.Agent-37025 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 8678201
Engine version: 1.0.3
Scanned directories: 15
Scanned files: 1
Infected files: 1
Data scanned: 0.88 MB
Data read: 2.80 MB (ratio 0.31:1)
Time: 21.252 sec (0 m 21 s)
Start Date: 2023:11:15 09:16:17
End Date: 2023:11:15 09:16:38
--
You received this message because you are subscribed to the Google Groups
"YARA" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/yara-project/db0a3066-31c2-4d89-8a70-2d87ebc6e0f2n%40googlegroups.com.
