YARA 3.5.0

@plusvic plusvic released this Sep 6, 2016 · 91 commits to master since this release

  • Match length operator (http://yara.readthedocs.io/en/v3.5.0/writingrules.html#match-length)
  • Performance improvements
  • Less memory consumption while scanning processes
  • Exception handling when scanning memory blocks
  • Negative integers in meta fields
  • Added the --stack-size command-argument
  • Functions import_ordinal, is_dll, is_32bit and is_64bit added to PE module
  • Functions rich_signature.toolid and rich_signature.version added to PE module
  • Lots of bug fixes

Refer to the documentation for information on how to build and install YARA.

Windows binaries can be found here.

Downloads