Audience

Pattern matching solution for malware researchers

About YARA

YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strings and a boolean expression which determine its logic. YARA-CI may be a useful addition to your toolbelt. This is GitHub application that provides continuous testing for your rules, helping you to identify common mistakes and false positives. The above rule is telling YARA that any file containing one of the three strings must be reported as silent_banker.

Popular Alternatives
Hybrid Analysis
Hybrid Analysis
Here you can find common 'how-to' and troubleshooting guides around this community platform and aspects of the Falcon Sandbox platform. Please use the menu on the left side to navigate through some of the published articles. Hybrid Analysis requires that users undergo the Hybrid Analysis Vetting Process prior to obtaining an API key or downloading malware samples. Please note that you must abide by the Hybrid Analysis Terms and Conditions and only use these samples for research purposes. You are not permitted to share your user credentials or API key with anyone else. Please notify Hybrid Analysis immediately if you believe that your API key or user credentials have been compromised. At times, it may happen that a vetting request will get rejected due to incomplete data or a missing full real name, real business name or other means of validating cybersecurity credentials. In this case, it is possible to re-submit a vetting request one more time.
Learn more
Avira Cloud Sandbox
Avira Cloud Sandbox
The Avira Cloud Sandbox is an award-winning, unlimited-scale automated malware analysis service. It blends multiple advanced analysis technologies to deliver a complete threat intelligence report from an uploaded file. The Cloud Sandbox API delivers a detailed, file-specific, threat intelligence report. It contains valuable, actionable intelligence. The report has a detailed classification of the file, information on the techniques, tactics and procedures (IoCs) present in the threat, and a description of how and why the submitted file was identified as clean, malicious, or suspicious. Avira’s Cloud Sandbox leverages the technologies developed within the Avira Protection Cloud, the cloud security system that underpins the anti-malware and threat intelligence solutions of Avira. Through OEM technology partnerships we protect many of the world’s leading cyber-security vendors, and nearly a billion people world-wide.
Learn more
odix
odix
odix’s patented technology disarms malicious code from files. Our concept is simple, instead of trying to detect the malware, odix generates a malware free copy of the file to the user. Total protection from known and unknown threats delivered to corporate network by incoming files. odix’s malware prevention solutions are based on its Deep File Inspection and TrueCDR™ patented technology. The algorithms provide new detection-less approach against File-Based attacks. The core CDR (Content Disarm and Reconstructions) process focuses on verifying the validity of the file structure on the binary level and disarms both known and unknown threats. This is very different from anti-virus and sandbox methods that scan for threats, detect a subset of malware and block files. With CDR, all malware, including zero-days, are prevented and the user gets a safe copy of the originally infected file.
Learn more
Deep Discovery Inspector
Deep Discovery Inspector
Deep Discovery Inspector is available as a physical or virtual network appliance. It’s designed to quickly detect advanced malware that typically bypasses traditional security defenses and exfiltrates sensitive data. Specialized detection engines and custom sandbox analysis detect and prevent breaches. Organizations are increasingly becoming victims of targeted ransomware when advanced malware bypasses traditional security, encrypts data, and demands payment to release the data. Deep Discovery Inspector uses known and unknown patterns and reputation analysis to detect the latest ransomware attacks, including WannaCry. The customized sandbox detects mass file modifications, encryption behavior, and modifications to backup and restore processes. Security professionals are flooded with threat data coming from numerous sources. Trend Micro™ XDR for Networks helps prioritize threats and provide visibility into an attack.
Learn more

Integrations

See Integrations

Ratings/Reviews

Overall 0.0 / 5
ease 0.0 / 5
features 0.0 / 5
design 0.0 / 5
support 0.0 / 5

This software hasn't been reviewed yet. Be the first to provide a review:

Review this Software

Company Information

YARA
virustotal.github.io/yara/

Videos and Screen Captures

YARA Screenshot 1
YARA Screenshot 1
You Might Also Like
Payroll Services for Small Businesses | QuickBooks Icon
Payroll Services for Small Businesses | QuickBooks

Save 50% off for 3 months with QuickBooks Payroll when you Buy Now

Easily pay your team and access powerful tools, employee benefits, and supportive experts with the #1 online payroll service provider. Manage payroll and access HR and employee services in one place. Pay your team automatically once your payroll setup is complete. We'll calculate, file, and pay your payroll taxes automatically.
Learn More

Product Details

Platforms Supported
Windows
Mac
Linux
Training
Documentation
Support
Online

YARA Frequently Asked Questions

Q: What kinds of users and organization types does YARA work with?
Q: What languages does YARA support in their product?
Q: What kind of support options does YARA offer?
Q: What other applications or services does YARA integrate with?
Q: What type of training does YARA provide?

YARA Product Features

YARA Additional Categories