Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Alistair O2018-09-14 10:13:36
Malware
Alistair O, 2018-09-14 10:13:36

How to use hash function in yara64.exe?

Hello,
the task is to do a hash search,
according to the link https://cyberdefenses.com/yara-hashing-magic/

import "hash" 

rule REALNOTEPAD {

    meta:
        description = "REAL NOTEPAD"

   

    condition:
        
        filesize < 3KB and
        hash.md5(0, filesize) == "698D51A19D8A121CE581499D7B701668"     
}

query yara64.exe -r md5_match.yara c:\Users\user1\Downloads finds nothing

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

0 answer(s)
Similar questions
K
Kris1252016-08-25 13:48:01
Is it possible to catch a virus on MAC OS using an Html file? 5Reply
S
Sergey Goryachev2019-02-05 12:53:37
Is a separate user of ISPmanager a guarantor of the protection of other sites? 1Reply
A
Alexander Rastamanov2019-02-05 18:11:29
How to remove a miner from a site on 1C-Bitrix? 0Reply
D
Dima_kras2014-08-25 07:25:39
Where is the virus on the site or on the client? 2Reply
S
SoCoderPioduno2020-11-12 19:12:09
What is the win32:Dh-A[Heur] virus? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question