YARA is an open-source, command-line tool that helps malware researchers identify and classify malware samples.
With YARA you can create descriptions of malware families based on textual or binary patterns contained in samples of those families. Each description (a rule) consists of a set of strings and a Boolean expression, the condition, that determines its matching logic.
How to install and run: Unarchive the package, open a Terminal window, change into YARA's folder and run the following commands from the command line (make install writes to system directories and usually needs root privileges, i.e. sudo make install; running yara with no arguments afterwards should print its usage text, which confirms the install):
./configure
make
make install
yara
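A rule file ties the two parts described above together: a strings section and a condition. The rule below is an added example, not one shipped with YARA; the family name, mutex, byte sequence and URL path are constructed for illustration and do not describe any real malware. It shows the three string kinds YARA accepts (text, hex with a wildcard byte, regular expression) combined in one Boolean condition.

```yara
/*
 * Added example rule, not part of the YARA project.
 * All indicators below are constructed for illustration.
 */
rule ExampleFamily_Dropper
{
    meta:
        description = "Illustrative rule: text, hex and regex strings combined by a condition"
        author      = "added example"

    strings:
        // Text string, matched case-insensitively (constructed mutex name)
        $mutex  = "Global\\ExampleDropperMutex" nocase

        // Hex string with one wildcard byte (constructed function prologue)
        $loader = { 55 8B EC 83 EC ?? 53 56 57 }

        // Regular expression (constructed check-in URL path)
        $beacon = /\/gate\/[a-z0-9]{8}\.php/

    condition:
        // Require an MZ header at offset 0 (a PE file) and at least
        // two of the three indicators, so a single incidental hit
        // on one string does not trigger the rule on its own.
        uint16(0) == 0x5A4D and 2 of ($mutex, $loader, $beacon)
}
```

Save the rule as example.yar and run yara example.yar /path/to/sample to print the name of each matching rule followed by the file name; yara -r example.yar /path/to/dir scans a directory tree, and -s additionally prints the offset and content of every matched string, which is the quickest way to check that a rule fires for the reason you intended.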
Requirements:
· Apple Xcode
What's New in This Release:
· faster compilation
· added support for modulus (%) and bitwise xor (^) operators
· better hashing of regular expressions
· BUGFIX: yara-python segfault when using dir() on Rules and Match classes
· BUGFIX: Integer overflow causing infinite loop
· BUGFIX: Handling strings containing \x00 characters correctly
· BUGFIX: Regular expressions not matching at the end of the file when compiled with RE2
· BUGFIX: Memory leaks
· BUGFIX: File handle leaks