yara: match x86 that appears to manually traverse the TEB/PEB/LDR data.
#100DaysofYARA
https://gist.github.com/williballenthin/08891865082a8bd5bf921b58fa312ada#file-peb_parsing-yara
@williballenthin