by agnsaft 2904 days ago
VT is more than just the antivirus engines. If you subscribe (expensive!) you can actively hunt for malware using Yara rules and a powerful search engine. If you know some patterns in malware you are tracking, you can add Yara rules that will run each time a file is uploaded and will notify you of any matches.

Let's assume you know a threat actor always uses the same variable names during heap sprays; you can discover new malware from this threat actor with a Yara rule to look for this pattern.
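A sketch of the kind of rule described above, added here as an example and not part of the original comment. The three variable names are constructed placeholders standing in for names an analyst would take from samples already attributed to the actor, and the size limit and context strings are assumptions chosen to cut down on unrelated matches.

```yara
// Added illustration: every identifier below is a constructed placeholder,
// not an indicator taken from real malware.
rule Hunt_HeapSpray_Reused_Variable_Names
{
    meta:
        description = "Script content reusing a tracked actor's heap-spray variable names (constructed example)"
        author = "added example"

    strings:
        // Hypothetical variable names the tracked actor is assumed to reuse.
        // ascii + wide covers scripts stored as UTF-16 as well as plain text.
        $v1 = "sprayChunkZ9" ascii wide
        $v2 = "nopSledQx" ascii wide
        $v3 = "blkArr_77" ascii wide

        // Generic spray scaffolding, so a file that merely mentions one of
        // the names (a report, a blog post) is less likely to match.
        $ctx1 = "unescape(" ascii wide nocase
        $ctx2 = /new\s+Array\s*\(/ ascii wide

    condition:
        // Small script-sized files only; large binaries are out of scope here.
        filesize < 2MB and
        // Two names rather than all three, so a sample where one variable
        // was renamed still matches.
        2 of ($v*) and
        any of ($ctx*)
}
```

Requiring two of the names plus a context string trades a little recall for far fewer notifications on analysis write-ups that quote a single name.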

2 comments

Not just using Yara rules, but any file in VT you can find by hash, name, etc. And you get extra metadata like where it was uploaded from.
Thanks for the explanation. Very helpful!