(YARA) Yara_Detect_OutputDebugString

Created the . Updated 1 year, 9 months ago.

            rule Detect_OutputDebugStringA_iat: AntiDebug
{
	meta:
		Author = "http://twitter.com/j0sm1"
		Description = "Detect in IAT OutputDebugstringA"
		Date = "20/04/2015"

	condition:
		pe.imports("kernel32.dll","OutputDebugStringA")
}

Download Raw

Associated Techniques

Technique Name	Technique ID's	Has Snippet(s)
OutputDebugString	U0117 B0001.016