Malware Devil

Loading...

Sunday, April 4, 2021

YARA and CyberChef: ZIP, (Sun, Apr 4th)

When processing the result of “unzip” in CyberChef, for example with YARA rules, all files contained inside the ZIP file, are concatenated together.

This is not a problem when dealing with a single file inside a ZIP container. But it can be for multiple files. If you want to know more, I recorded a video with more details:

Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com DidierStevensLabs.com

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Read More

The post YARA and CyberChef: ZIP, (Sun, Apr 4th) appeared first on Malware Devil.



https://malwaredevil.com/2021/04/04/yara-and-cyberchef-zip-sun-apr-4th/?utm_source=rss&utm_medium=rss&utm_campaign=yara-and-cyberchef-zip-sun-apr-4th
at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Barbary Pirates and Russian Cybercrime

In 1801, the United States had a small Navy. Thomas Jefferson deployed almost half that Navy—three frigates and a schooner—to the Barbary C...