ReversingLabs has developed, tested and published over 100 Open-Source YARA rules on GitHub.
The rules cover a broad range of categories, detecting a multitude of malware downloaders, viruses, trojans, exploits and ransomware.
YARA detection rules are developed for threat hunters, threat researchers, incident responders and security analysts with the mission to reduce malware infection risk across the organization.
Each unique rule can inspect file content on endpoints, during transfer, execution or at rest. While there’s no limit to usage, the best results are seen with fully inspected multi-layered content.
Apply these YARA rules within static analysis solutions that perform decomposition, dynamic sandbox solutions that perform in memory YARA matching, network IPS controls or even SIEMs.
On June 30th 2020 ReversingLabs published over 100 open-source YARA rules within the ReversingLabs GitHub repository.
ReversingLabs plans to use the GitHub repository as the primary delivery method for threat defenders to access updated and quality open-source YARA rules that detect the latest threats.
Finding similar or relevant samples using YARA is part of every hunter's day, and is similar to finding a needle in a haystack.
Learn More
Getting Ahead of Ryuk attacks using YARA Rules - Continued
Learn More
Register for On-Demand Webinar: How to Analyze the Kwampirs RAT
Learn More
Software Supply Chain Security Analysis for end to end Software Development workflows, containers and release packages
Learn More
The world’s most popular and authoritative database of goodware and malware threat intelligence
Learn More
Assess millions of files from web traffic, email, file transfers, endpoints or storage
Learn More
An instant malware lab with static and dynamic analysis for all of your company's
files and binaries
