| Designed by | Victor Alvarez |
|---|---|
| First appeared | 2013 |
| Stable release | 4.5.1
[1]
/ 25 May 2024 |
| Filename extensions | .yara |
| Website |
virustotal |
YARA is a tool primarily used in malware research and detection.
It provides a rule-based approach to create descriptions of malware families based on regular expression, textual or binary patterns. A description is essentially a YARA rule name, where these rules consist of sets of strings and a Boolean expression. [2]
History
YARA was originally developed by Victor Alvarez of VirusTotal and released on GitHub in 2013. [3] The name is an abbreviation of YARA: Another Recursive Acronym or Yet Another Ridiculous Acronym. [4]
Design
YARA by default comes with modules to process PE, ELF analysis, as well as support for the open-source Cuckoo sandbox.
See also
References
- ^ "Release 4.5.1". 25 May 2024. Retrieved 28 May 2024.
- ^ "Welcome to YARA's documentation!". yara.readthedocs.io. Retrieved 2023-09-18.
- ^ "Release v1.7.1". GitHub.
- ^ Victor M. Alvarez [@plusvic] (22 September 2016). "@milliped @yararules YARA is an acronym for: YARA: Another Recursive Acronym, or Yet Another Ridiculous Acronym. Pick your choice" ( Tweet) – via Twitter.
External links
 | This malware-related article is a stub. You can help Wikipedia by expanding it. |
| Designed by | Victor Alvarez |
|---|---|
| First appeared | 2013 |
| Stable release | 4.5.1
[1]
/ 25 May 2024 |
| Filename extensions | .yara |
| Website |
virustotal |
YARA is a tool primarily used in malware research and detection.
It provides a rule-based approach to create descriptions of malware families based on regular expression, textual or binary patterns. A description is essentially a YARA rule name, where these rules consist of sets of strings and a Boolean expression. [2]
History
YARA was originally developed by Victor Alvarez of VirusTotal and released on GitHub in 2013. [3] The name is an abbreviation of YARA: Another Recursive Acronym or Yet Another Ridiculous Acronym. [4]
Design
YARA by default comes with modules to process PE, ELF analysis, as well as support for the open-source Cuckoo sandbox.
See also
References
- ^ "Release 4.5.1". 25 May 2024. Retrieved 28 May 2024.
- ^ "Welcome to YARA's documentation!". yara.readthedocs.io. Retrieved 2023-09-18.
- ^ "Release v1.7.1". GitHub.
- ^ Victor M. Alvarez [@plusvic] (22 September 2016). "@milliped @yararules YARA is an acronym for: YARA: Another Recursive Acronym, or Yet Another Ridiculous Acronym. Pick your choice" ( Tweet) – via Twitter.
External links
|
| This malware-related article is a stub. You can help Wikipedia by expanding it. |