(YARA) Detect_OllyDbg_BadFormat_Trick

Created the . Updated 1 year, 10 months ago.

            rule Detect_OllyDBG_BadFormatTrick: AntiDebug {
    meta: 
        description = "Detect bad format not handled by Ollydbg"
        author = "Unprotect"
        comment = "Experimental rule"
    strings:
        $1 = "%s%s.exe" fullword ascii
    condition:   
       $1
}

Download Raw

Associated Techniques

Technique Name	Technique ID's	Has Snippet(s)
Bad String Format	U0104