Anti Yara Rules

Yara rules are very powerful at finding new malware or detecting specific techniques. Malware writers also know that malware researchers are using Yara. To avoid Yara hunting, attackers can modify specific data in samples.

This can be observed with ransomware notes with updated content to avoid tracking or detection of ransomware variants.

U1001

Additional Resources

Subscribe to our Newsletter and don't miss important updates