Sample

Metadata

SHA256
892834734712fe5bc7a6614be6972de1be2d74ad424ef47b2c701046e4912426
Difficulty
medium
Platform
Windows
Tags
privateloader signature writing
Submitter
struppigel

Analysis

Goal

Write a code-based signature with Yara for this sample.

Description

I recommend using the API resolve code to do that. You can test your signature, e.g., on unpac.me or similar platforms that allow scanning past submissions with Yara.

Recommended Tools

Ghidra, Yara

Solutions

Video

Solution by struppigel: Writing Code Signatures