Skip to content

Fedora: Address remaining false-positives within /usr (#603)

VirusTotal YARA-CI / Rules Analysis completed Nov 8, 2024 in 6s

Warnings found

Status Count
🟢 Files OK 963
🟠 Files with warnings 15
🔴 Files with errors 0
Files ignored 642

Annotations

Check warning on line 10 in rules/anti-static/base64/obfuscated_caller.yara

See this annotation in the file changed.

@virustotal-yara-ci virustotal-yara-ci / Rules Analysis

rules/anti-static/base64/obfuscated_caller.yara#L10

rule "base64_str_replace": string "$b" may slow down scanning

Check warning on line 9 in rules/anti-static/binary/opaque.yara

See this annotation in the file changed.

@virustotal-yara-ci virustotal-yara-ci / Rules Analysis

rules/anti-static/binary/opaque.yara#L9

rule "opaque_binary": string "$word_with_spaces" may slow down scanning

Check warning on line 10 in rules/anti-static/obfuscation/php/filler.yara

See this annotation in the file changed.

@virustotal-yara-ci virustotal-yara-ci / Rules Analysis

rules/anti-static/obfuscation/php/filler.yara#L10

rule "base64_str_replace": string "$b" may slow down scanning

Check warning on line 23 in rules/anti-static/obfuscation/php/filler.yara

See this annotation in the file changed.

@virustotal-yara-ci virustotal-yara-ci / Rules Analysis

rules/anti-static/obfuscation/php/filler.yara#L23

rule "gzinflate_str_replace": string "$b" may slow down scanning

Check warning on line 12 in rules/anti-static/obfuscation/php/str_replace.yara

See this annotation in the file changed.

@virustotal-yara-ci virustotal-yara-ci / Rules Analysis

rules/anti-static/obfuscation/php/str_replace.yara#L12

rule "php_str_replace_obfuscation": string "$o_recursive_single" may slow down scanning

Check warning on line 54 in rules/anti-static/obfuscation/php/string_concatenation.yara

See this annotation in the file changed.

@virustotal-yara-ci virustotal-yara-ci / Rules Analysis

rules/anti-static/obfuscation/php/string_concatenation.yara#L54

rule "php_short_concat": string "$concat" may slow down scanning

Check warning on line 66 in rules/anti-static/obfuscation/php/string_concatenation.yara

See this annotation in the file changed.

@virustotal-yara-ci virustotal-yara-ci / Rules Analysis

rules/anti-static/obfuscation/php/string_concatenation.yara#L66

rule "php_short_concat_multiple": string "$concat" may slow down scanning

Check warning on line 7 in rules/anti-static/obfuscation/python/hex.yara

See this annotation in the file changed.

@virustotal-yara-ci virustotal-yara-ci / Rules Analysis

rules/anti-static/obfuscation/python/hex.yara#L7

rule "python_long_hex": string "$assign" may slow down scanning

Check warning on line 19 in rules/anti-static/obfuscation/python/hex.yara

See this annotation in the file changed.

@virustotal-yara-ci virustotal-yara-ci / Rules Analysis

rules/anti-static/obfuscation/python/hex.yara#L19

rule "python_long_hex_multiple": string "$assign" may slow down scanning

Check warning on line 12 in rules/anti-static/obfuscation/python/hex_decimal.yara

See this annotation in the file changed.

@virustotal-yara-ci virustotal-yara-ci / Rules Analysis

rules/anti-static/obfuscation/python/hex_decimal.yara#L12

rule "python_hex_decimal": string "$trash" may slow down scanning

Check warning on line 10 in rules/c2/addr/ip.yara

See this annotation in the file changed.

@virustotal-yara-ci virustotal-yara-ci / Rules Analysis

rules/c2/addr/ip.yara#L10

rule "hardcoded_ip": string "$sus_ipv4" may slow down scanning

Check warning on line 11 in rules/c2/addr/ip.yara

See this annotation in the file changed.

@virustotal-yara-ci virustotal-yara-ci / Rules Analysis

rules/c2/addr/ip.yara#L11

rule "hardcoded_ip": string "$not_version" may slow down scanning

Check warning on line 33 in rules/c2/addr/ip.yara

See this annotation in the file changed.

@virustotal-yara-ci virustotal-yara-ci / Rules Analysis

rules/c2/addr/ip.yara#L33

rule "elf_hardcoded_ip": string "$sus_ipv4" may slow down scanning

Check warning on line 34 in rules/c2/addr/ip.yara

See this annotation in the file changed.

@virustotal-yara-ci virustotal-yara-ci / Rules Analysis

rules/c2/addr/ip.yara#L34

rule "elf_hardcoded_ip": string "$not_version" may slow down scanning

Check warning on line 75 in rules/c2/addr/ip.yara

See this annotation in the file changed.

@virustotal-yara-ci virustotal-yara-ci / Rules Analysis

rules/c2/addr/ip.yara#L75

rule "hardcoded_ip_port": string "$ipv4" may slow down scanning

Check warning on line 12 in rules/exec/shell/background-sleep.yara

See this annotation in the file changed.

@virustotal-yara-ci virustotal-yara-ci / Rules Analysis

rules/exec/shell/background-sleep.yara#L12

rule "sleep_and_background": string "$cmd_bg" may slow down scanning

Check warning on line 30 in rules/exfil/curl_elf.yara

See this annotation in the file changed.

@virustotal-yara-ci virustotal-yara-ci / Rules Analysis

rules/exfil/curl_elf.yara#L30

rule "exfil_libcurl_elf": string "$word_with_spaces" may slow down scanning

Check warning on line 9 in rules/impact/degrade/app.yara

See this annotation in the file changed.

@virustotal-yara-ci virustotal-yara-ci / Rules Analysis

rules/impact/degrade/app.yara#L9

rule "osascript_window_closer": string "$c_app_name" may slow down scanning

Check warning on line 26 in rules/impact/degrade/app.yara

See this annotation in the file changed.

@virustotal-yara-ci virustotal-yara-ci / Rules Analysis

rules/impact/degrade/app.yara#L26

rule "osascript_quitter": string "$c_app_name" may slow down scanning

Check warning on line 349 in rules/impact/remote_access/php.yara

See this annotation in the file changed.

@virustotal-yara-ci virustotal-yara-ci / Rules Analysis

rules/impact/remote_access/php.yara#L349

rule "php_str_replace_obfuscation": string "$o_recursive_single" may slow down scanning

Check warning on line 27 in rules/malware/family/amos.yara

See this annotation in the file changed.

@virustotal-yara-ci virustotal-yara-ci / Rules Analysis

rules/malware/family/amos.yara#L27

rule "amos_magic_var": string "$word_with_spaces" may slow down scanning

Check warning on line 8 in rules/persist/systemd/no_docs_or_comments.yara

See this annotation in the file changed.

@virustotal-yara-ci virustotal-yara-ci / Rules Analysis

rules/persist/systemd/no_docs_or_comments.yara#L8

rule "systemd_no_comments_or_documentation": string "$ex_comment" may slow down scanning

Check warning on line 26 in rules/sus/ancient_gcc.yara

See this annotation in the file changed.

@virustotal-yara-ci virustotal-yara-ci / Rules Analysis

rules/sus/ancient_gcc.yara#L26

rule "small_opaque_archaic_gcc": string "$word_with_spaces" may slow down scanning