From f35aa8692706294c922c05c6a2fc083cc7b48a48 Mon Sep 17 00:00:00 2001
From: Florian Roth
Date: Fri, 6 Jan 2023 15:32:14 +0100
Subject: [PATCH] refactor: avoid using the elf module for performance reasons
---
 yara/virus/Linux.Virus.Vit.yara | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/yara/virus/Linux.Virus.Vit.yara b/yara/virus/Linux.Virus.Vit.yara
index eb31c5d..8bd68e1 100644
--- a/yara/virus/Linux.Virus.Vit.yara
+++ b/yara/virus/Linux.Virus.Vit.yara
@@ -1,5 +1,3 @@
-import "elf"
-
 rule Linux_Virus_Vit : tc_detection malicious
 {
 meta:
@@ -32,5 +30,5 @@ rule Linux_Virus_Vit : tc_detection malicious
 $vit_str = "vi324.tmp"
 condition:
- uint32(0) == 0x464C457F and $vit_entry_point at elf.entry_point and $vit_str
-}
\ No newline at end of file
+ uint32(0) == 0x464C457F and all of them
+}
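Review bot: The new condition in the second hunk drops the `at elf.entry_point` anchor, so `$vit_entry_point` now matches anywhere in an ELF file and the rule detects a wider set of files than before, which is more than the "refactor" in the subject suggests. Files that merely contain both byte sequences (for example a disinfected binary or an embedded sample) would presumably now match, so it is worth re-running the rule against a clean ELF corpus. I would record the trade-off next to the condition, e.g. `// entry-point anchor dropped to avoid the elf module; pattern may match at any offset`, since the string name still implies a positional check. I would also name the strings explicitly, `uint32(0) == 0x464C457F and $vit_entry_point and $vit_str`, so that a string added later does not silently become mandatory through `all of them`. The strings section starts outside this hunk, so any other strings the rule defines are not visible here.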