Sneed-Reactivity/yara-mikesxrs/AirBnB/MachO.yar

8 lines
255 B
Text
Raw Normal View History

private rule MachO
{
meta:
description = "Mach-O binaries"
condition:
uint32(0) == 0xfeedface or uint32(0) == 0xcefaedfe or uint32(0) == 0xfeedfacf or uint32(0) == 0xcffaedfe or uint32(0) == 0xcafebabe or uint32(0) == 0xbebafeca
}