Update third-party rules as of 2024-12-23 #736
Warnings found
| Status | Count | |
|---|---|---|
| 🟢 | Files OK | 1046 |
| 🟠 | Files with warnings | 13 |
| 🔴 | Files with errors | 0 |
| ⚪ | Files ignored | 802 |
Annotations
Check warning on line 8 in rules/anti-static/binary/opaque.yara
virustotal-yara-ci / Rules Analysis
rules/anti-static/binary/opaque.yara#L8
rule "opaque_binary": string "$word_with_spaces" may slow down scanning
Check warning on line 27 in rules/anti-static/obfuscation/php.yara
virustotal-yara-ci / Rules Analysis
rules/anti-static/obfuscation/php.yara#L27
rule "gzinflate_str_replace": string "$b" may slow down scanning
Check warning on line 197 in rules/anti-static/obfuscation/php.yara
virustotal-yara-ci / Rules Analysis
rules/anti-static/obfuscation/php.yara#L197
rule "php_short_concat": string "$concat" may slow down scanning
Check warning on line 209 in rules/anti-static/obfuscation/php.yara
virustotal-yara-ci / Rules Analysis
rules/anti-static/obfuscation/php.yara#L209
rule "php_short_concat_multiple": string "$concat" may slow down scanning
Check warning on line 212 in rules/anti-static/obfuscation/python.yara
virustotal-yara-ci / Rules Analysis
rules/anti-static/obfuscation/python.yara#L212
rule "python_long_hex": string "$assign" may slow down scanning
Check warning on line 224 in rules/anti-static/obfuscation/python.yara
virustotal-yara-ci / Rules Analysis
rules/anti-static/obfuscation/python.yara#L224
rule "python_long_hex_multiple": string "$assign" may slow down scanning
Check warning on line 241 in rules/anti-static/obfuscation/python.yara
virustotal-yara-ci / Rules Analysis
rules/anti-static/obfuscation/python.yara#L241
rule "python_hex_decimal": string "$trash" may slow down scanning
Check warning on line 7 in rules/c2/addr/ip.yara
virustotal-yara-ci / Rules Analysis
rules/c2/addr/ip.yara#L7
rule "hardcoded_ip": string "$sus_ipv4" may slow down scanning
Check warning on line 8 in rules/c2/addr/ip.yara
virustotal-yara-ci / Rules Analysis
rules/c2/addr/ip.yara#L8
rule "hardcoded_ip": string "$not_version" may slow down scanning
Check warning on line 33 in rules/c2/addr/ip.yara
virustotal-yara-ci / Rules Analysis
rules/c2/addr/ip.yara#L33
rule "bin_hardcoded_ip": string "$sus_ipv4" may slow down scanning
Check warning on line 34 in rules/c2/addr/ip.yara
virustotal-yara-ci / Rules Analysis
rules/c2/addr/ip.yara#L34
rule "bin_hardcoded_ip": string "$not_version" may slow down scanning
Check warning on line 75 in rules/c2/addr/ip.yara
virustotal-yara-ci / Rules Analysis
rules/c2/addr/ip.yara#L75
rule "hardcoded_ip_port": string "$ipv4" may slow down scanning
Check warning on line 16 in rules/exec/program/opaque.yara
virustotal-yara-ci / Rules Analysis
rules/exec/program/opaque.yara#L16
rule "macho_opaque_binary": string "$word_with_spaces" may slow down scanning
Check warning on line 34 in rules/exec/program/opaque.yara
virustotal-yara-ci / Rules Analysis
rules/exec/program/opaque.yara#L34
rule "macho_opaque_binary_long_str": string "$word_with_spaces" may slow down scanning
Check warning on line 43 in rules/exec/program/opaque.yara
virustotal-yara-ci / Rules Analysis
rules/exec/program/opaque.yara#L43
rule "macho_opaque_binary_long_str": string "$long_low_str" may slow down scanning
Check warning on line 9 in rules/exec/shell/background-sleep.yara
virustotal-yara-ci / Rules Analysis
rules/exec/shell/background-sleep.yara#L9
rule "sleep_and_background": string "$cmd_bg" may slow down scanning
Check warning on line 30 in rules/exfil/curl_elf.yara
virustotal-yara-ci / Rules Analysis
rules/exfil/curl_elf.yara#L30
rule "exfil_libcurl_elf": string "$word_with_spaces" may slow down scanning
Check warning on line 9 in rules/impact/degrade/app.yara
virustotal-yara-ci / Rules Analysis
rules/impact/degrade/app.yara#L9
rule "osascript_window_closer": string "$c_app_name" may slow down scanning
Check warning on line 26 in rules/impact/degrade/app.yara
virustotal-yara-ci / Rules Analysis
rules/impact/degrade/app.yara#L26
rule "osascript_quitter": string "$c_app_name" may slow down scanning
Check warning on line 116 in rules/impact/remote_access/backdoor.yara
virustotal-yara-ci / Rules Analysis
rules/impact/remote_access/backdoor.yara#L116
rule "macho_backdoor_libc_signature": string "$word_with_spaces" may slow down scanning
Check warning on line 27 in rules/malware/family/amos.yara
virustotal-yara-ci / Rules Analysis
rules/malware/family/amos.yara#L27
rule "amos_magic_var": string "$word_with_spaces" may slow down scanning
Check warning on line 55 in rules/net/ip/host_port.yara
virustotal-yara-ci / Rules Analysis
rules/net/ip/host_port.yara#L55
rule "hardcoded_host_port": string "$h_domain_tld" may slow down scanning
Check warning on line 56 in rules/net/ip/host_port.yara
virustotal-yara-ci / Rules Analysis
rules/net/ip/host_port.yara#L56
rule "hardcoded_host_port": string "$host_domain_tld" may slow down scanning
Check warning on line 57 in rules/net/ip/host_port.yara
virustotal-yara-ci / Rules Analysis
rules/net/ip/host_port.yara#L57
rule "hardcoded_host_port": string "$host_domain_sld_tld" may slow down scanning
Check warning on line 68 in rules/net/ip/host_port.yara
virustotal-yara-ci / Rules Analysis
rules/net/ip/host_port.yara#L68
rule "hardcoded_host_port_over_10k": string "$h_domain_tld" may slow down scanning