Hax
@4n
#100daysofyara continuing to explore yara-x today I tried to detect a renamed QEMU exe using pe attributes and a dynamic variable. Rule: https://github.com/mgreen27/100daysofyara/blob/main/2025/SUS_Renamed_QEMU_Jan25.yar
0 reply
0 recast
0 reaction