Indicators of Compromise & YARA Rules
Turn malware analysis findings into reusable detection: extract indicators of compromise and write YARA rules to identify related samples.
From Analysis to Detection
You can classify malware types, perform basic behavioral analysis, and unpack samples. The payoff is detection: converting what you learned into signals that catch the same threat elsewhere.
What Is an IOC?
An Indicator of Compromise (IOC) is an observable artifact, on a host or on the network, whose presence suggests that an intrusion has occurred. Common types, roughly in order of how easily an attacker can change them:
- File hashes (MD5, SHA-256): exact-match only; a single byte change or a rebuild produces a new hash
- Domains and IP addresses: rotate frequently, but useful while the infrastructure is live
- Registry keys, mutexes, file paths: often survive across variants of the same family, which is why they make good YARA strings
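As an added example (not code from the course), the script below extracts each IOC type listed above from a constructed sandbox-style report and renders the host and network artifacts as a YARA rule, with the file hashes kept in `meta`. The report text, the placeholder hashes, the `Mutex:` line format and the rule name `dropper_constructed` are all assumptions made for this example; the regexes are heuristics you would tune to your own sandbox's output.

```python
"""Extract IOCs from a behavioral-analysis report and turn them into a YARA rule."""
import re

# Constructed sandbox-style report for demonstration only. The hashes are
# placeholder hex (not real sample hashes); the host and IP use reserved
# documentation ranges (example.net, 198.51.100.0/24).
SAMPLE_REPORT = r"""
Sample:   dropper.exe
MD5:      0123456789abcdef0123456789abcdef
SHA256:   0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
Network:  POST hxxp://update-check[.]example[.]net/gate.php
Network:  connect 198.51.100.23:443
Mutex:    Global\Synaptics_Update_7f2a
Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\SynapticsUpdate
File:     C:\Users\Public\svchost32.exe
"""


def refang(text: str) -> str:
    """Analysts 'defang' network IOCs so they cannot be clicked; undo that first."""
    return (text.replace("[.]", ".")
                .replace("(.)", ".")
                .replace("hxxps://", "https://")
                .replace("hxxp://", "http://"))


_PATTERNS = {
    "md5":       re.compile(r"\b[0-9a-fA-F]{32}\b"),
    "sha256":    re.compile(r"\b[0-9a-fA-F]{64}\b"),
    "ipv4":      re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"),
    "domain":    re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.IGNORECASE),
    "registry":  re.compile(r"\b(?:HKLM|HKCU|HKCR|HKU|HKEY_[A-Z_]+)\\[^\s]+"),
    "file_path": re.compile(r"""\b[A-Za-z]:\\[^\s"'<>|]+"""),
    # Mutex names have no universal syntax; this relies on the report's "Mutex:" label (assumed format).
    "mutex":     re.compile(r"^Mutex:\s*(\S+)", re.MULTILINE),
}
# Filenames such as "dropper.exe" look like domains to the regex; drop common extensions.
_NOT_TLDS = {"exe", "dll", "sys", "php", "txt", "dat", "bin", "tmp"}


def extract_iocs(report: str) -> dict:
    """Return a dict of IOC type -> set of values found in the report."""
    text = refang(report)
    iocs = {kind: set() for kind in _PATTERNS}
    for kind, pattern in _PATTERNS.items():
        for value in pattern.findall(text):
            # Reject dotted quads with an octet above 255 (version strings, etc.).
            if kind == "ipv4" and not all(int(o) <= 255 for o in value.split(".")):
                continue
            if kind == "domain" and value.rsplit(".", 1)[-1].lower() in _NOT_TLDS:
                continue
            iocs[kind].add(value)
    return iocs


def _yara_escape(value: str) -> str:
    """YARA text strings use C-style escapes: backslash and double quote must be escaped."""
    return value.replace("\\", "\\\\").replace('"', '\\"')


def to_yara(rule_name: str, iocs: dict) -> str:
    """Render host/network IOCs as YARA strings. Hashes go in meta only: an
    exact-hash match is too brittle to serve as the rule's logic."""
    out = [f"rule {rule_name}", "{", "    meta:",
           '        description = "Generated from sandbox report IOCs (example)"']
    for i, digest in enumerate(sorted(iocs["sha256"]), 1):
        out.append(f'        sha256_{i} = "{digest}"')
    out.append("    strings:")
    count = 0
    for kind in ("domain", "ipv4", "mutex", "registry", "file_path"):
        for value in sorted(iocs[kind]):
            count += 1
            out.append(f'        ${kind}_{count} = "{_yara_escape(value)}" ascii wide')
    # Require a PE header ('MZ') plus at least two IOCs, so one common string
    # (a benign-looking path, say) cannot fire the rule on its own.
    quantifier = "2 of them" if count >= 2 else "any of them"
    out += ["    condition:", f"        uint16(0) == 0x5A4D and {quantifier}", "}"]
    return "\n".join(out)


if __name__ == "__main__":
    found = extract_iocs(SAMPLE_REPORT)
    for kind, values in found.items():
        print(f"{kind:10s} {sorted(values)}")
    print(to_yara("dropper_constructed", found))
```

Run it with `python iocs.py` and feed the printed rule to `yara -r rule.yar samples/`. The `ascii wide` modifier matters on Windows samples: mutex names and registry paths are usually stored as UTF-16 in the binary, so an ASCII-only string would miss them.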
All lessons in this course
- Types of Malware and Their Behavior
- Basic Behavioral Analysis
- Introduction to Malware Unpacking
- Indicators of Compromise & YARA Rules