Sneed-Reactivity/yara-mikesxrs/malc0de/newsreels_apt1.yar

rule newsreels : apt
{
    strings:
        $a = "name=%s&userid=%04d&other=%c%s"
        $b = "thequickbrownfxjmpsvalzydg"
    condition:
        filesize < 300KB and (2 of ($a,$b))
}
OMG ISTG PLS WORK RED PILL :red_circle: :pill: 2024-07-25 12:43:35 -05:00			`rule newsreels : apt`
			`{`
			`strings:`
			`$a = "name=%s&userid=%04d&other=%c%s"`
			`$b = "thequickbrownfxjmpsvalzydg"`
			`condition:`
			`filesize < 300KB and (2 of ($a,$b))`
			`}`