welsonjs/pe.yar at 0eceab3d9b76577000a60a985bfe0b92832d0d94 - welsonjs - Catswords: Catch your own words!

gnh1201/welsonjs

mirror of https://github.com/gnh1201/welsonjs.git synced 2025-02-06 23:14:58 +00:00

Namhyeon, Go 1e16ff9483

CodeQL / Analyze (csharp) (push) Waiting to run

Details

CodeQL / Analyze (javascript) (push) Waiting to run

Details

CodeQL / Analyze (python) (push) Waiting to run

Details

Update pe.yar

2024-08-12 13:07:16 +09:00

26 lines

281 B

Plaintext

Raw Blame History

 import "pe"
 rule single_section
 {
     condition:
         pe.number_of_sections == 1
 }
 rule control_panel_applet
 {
     condition:
         pe.exports("CPlApplet")
 }
 rule is_dll
 {
     condition:
         pe.characteristics & pe.DLL
 }
 rule is_pe
 {
     condition:
         pe.is_pe
 }