Search For Content
Search Result
2 item(s) found so far for this keyword.
Anti Yara Rules
Yara rules are used by malware researchers to identify and classify malware based on specific characteristics and behaviors. These rules are powerful because they allow researchers to quickly and accurately detect malware, even if it has been modified to avoid detection. However, attackers can also modify their malware to avoid detection by Yara rules.
This is often seen with …
Read moreObfuscated Files or Information: Dynamic API Resolution
![Defense Evasion [Mitre] icon](/media/2024/04/08/icons8-burglar.svg){kind=small}
Adversaries may obfuscate then dynamically resolve API functions called by their malware in order to conceal malicious functionalities and impair defensive analysis. Malware commonly uses various Native API functions provided by the OS to perform various tasks such as those involving processes, files, and other system artifacts.
API functions called by malware may leave static artifacts such as strings …
Read more