Adding total number of occurrences of multiple strings

Hi, I am trying to do a heuristic based detection of malware samples using YARA and got stuck when i need to add up total number of occurrences of set of strings to detect the sample, For example, say i have a rule like this, *rule Malware_Detection : file* *{* *meta:* *a

Re: Adding total number of occurrences of multiple strings

Hi Raghvendra, #str1 + #str2 + #str3 > 20 should work, no? Hope that helps. Att, Fernando Mercês | menteb.in On Thu, Sep 20, 2018 at 3:48 PM raghvendra mishra wrote: > Hi, > I am trying to do a heuristic based detection of malware samples using > YARA and got s

Re: Adding total number of occurrences of multiple strings

Thanks Fernando, will check this i haven't thought about it as i was playing with string operation expression. On Fri, 21 Sep 2018 at 06:07 Fernando Mercês wrote: > Hi Raghvendra, > > #str1 + #str2 + #str3 > 20 should work, no? > > Hope that helps. > > Att, > > Fernando Mercês

Re: Adding total number of occurrences of multiple strings

Thanks Fernando, your suggestion worked. Thanks a ton. On Friday, 21 September 2018 00:18:45 UTC+5:30, raghvendra mishra wrote: > > Hi, > I am trying to do a heuristic based detection of malware samples using > YARA and got stuck when i need to add up total number of occurrences of set > of stri