(YARA) Detect_OllyDbg_BadFormat_Trick
rule Detect_OllyDBG_BadFormatTrick: AntiDebug {
meta:
description = "Detect bad format not handled by Ollydbg"
author = "Unprotect"
comment = "Experimental rule"
strings:
$1 = "%s%s.exe" fullword ascii
condition:
$1
}
Associated Techniques
| Technique Name | Technique ID's | Snippet(s) | OS |
|---|---|---|---|
| Bad String Format | U0104 |
Created
June 22, 2022
Last Revised
June 22, 2022