False Positives for YARA rule
I’ve run a malware ruleset from the Yara rules repository run on my Sys32 directory without -r and come across a lot of positives (+extra counts) for GLASSES and GLASSESCode
Most matches are with DirectX DLLs but I assume it’s just coincid… Continue reading False Positives for YARA rule