yara.scroll
import ../code/conceptPage.scroll
id yara
name YARA
appeared 2008
creators Victor M. Alvarez
tags pl
website http://virustotal.github.io/yara/
latestVersion v4.5.1
standsFor Yet Another Recursive Acronym
conceptDescription YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a. rule, consists of a set of strings and a boolean expression which determine its logic.
isOpenSource true
writtenIn c restructuredtext xml cpp starlark yaml markdown bourne-shell yacc lex bazel protobuf m4 make javascript svg html python
fileType text
centralPackageRepositoryCount 0
repoStats
 firstCommit 2008
 commits 3358
 committers 237
 files 385
 newestCommit 2024
example
 rule silent_banker : banker
 {
     meta:
         description = "This is just an example"
         threat_level = 3
         in_the_wild = true
     strings:
         $a = {6A 40 68 00 30 00 00 6A 14 8D 91}
         $b = {8D 4D B0 2B C1 83 C0 27 99 6A 4E 59 F7 F9}
         $c = "UVODFRYSIHLNWPEJXQZAKCBGMT"
     condition:
         $a or $b or $c
 }
githubRepo https://github.com/VirusTotal/yara
 firstCommit 2008
 stars 5770
 forks 1197
 subscribers 302
 created 2012
 updated 2022
 description The pattern matching swiss knife
 issues 140
wikipedia https://en.wikipedia.org/wiki/YARA
 related perl regex elf
 summary YARA is the name of a tool primarily used in malware research and detection. It provides a rule-based approach to create descriptions of malware families based on textual or binary patterns. A description is essentially a Yara rule name, where these rules consist of sets of strings and a boolean expression. The language used has traits of Perl compatible regular expressions.
 pageId 26289898
 created 2010
 backlinksCount 5
 revisionCount 27
 dailyPageViews 106
githubBigQuery YARA
 repos 46
 users 43
linguistGrammarRepo https://github.com/blacktop/language-yara
 firstCommit 2014
 lastCommit 2018
 committerCount 4
 commitCount 21
 sampleCount 3
 example
  rule test { condition: true }
isbndb 0
githubLanguage YARA
 fileExtensions yar yara
 trendingProjectsCount 0
 type programming
 aceMode text
 tmScope source.yara
 repos 812
semanticScholar 0