I hereby claim:
- I am mguerreiro on github.
- I am mguerreiro (https://keybase.io/mguerreiro) on keybase.
- I have a public key whose fingerprint is C307 00A1 C933 99E4 181E 5D96 6E5F 7F85 1ADF BCE7
To claim this, I am signing this object:
I hereby claim:
To claim this, I am signing this object:
When creating your rules for YARA keep in mind the following guidelines in order to get the best performance from them. This guide is based on ideas and recommendations by Victor M. Alvarez and WXS.
Global rules are evaluated first. Only if they are satisfied non-global rules are evaluated. This may be useful if all samples exhibit the same characteristics. Use them combined with the "private" statement to suppress a match notification on the global rules.