I'm trying to write a YARA rule which will iterate some range of bytes, will xor them with something and add to some accumulator in order to compare the final result with a predefined value
Is this possible? As far as I know you cannot declare variables in the condition section.
I have this pe.sections[s].raw_data_offset as the beginning of the stream I need to run on and pe.sections[s].raw_data_offset+pe.sections[s].raw_data_size as the end of it.
