Comments on: How to Write Simple but Sound Yara Rules

By: Florian Roth

Florian Roth — Thu, 28 Apr 2016 18:53:26 +0000

In reply to Ryan.

Try using 7zip
http://www.7-zip.org/download.html

By: Ryan

Ryan — Thu, 28 Apr 2016 17:54:42 +0000

Hi Florian,
How do I unzip the db.zip.001 files on Windows? I’ve tried removing the numbers from the file names and unzipping, but the file is not recognized as a zipped archive.
Thanks!

By: Ben Cheever

Ben Cheever — Tue, 29 Mar 2016 21:45:10 +0000

Hi, I had to install quite a few dependencies on Ubuntu to get this yarGen utility to work I didn’t see those in the readme file so I thought I would help out 🙂
‘sudo apt-get install libxml2-dev libxslt1-dev python-dev python-pip python-libxml2 lzma-dev’
then you can run the:
‘sudo pip install pefile’
and
‘sudo pip install scandir lxml naiveBayesClassifier’

By: YARA rules download: The best YARA rules for Malware Analysis and Detection - Cyberwarzone

Thu, 07 Jan 2016 23:56:43 +0000

[…] https://www.bsk-consulting.de/2015/02/16/write-simple-sound-yara-rules/ […]

By: Improving the Quality of Your Yara Rules - BSK Consulting GmbH

Improving the Quality of Your Yara Rules - BSK Consulting GmbH — Sat, 17 Oct 2015 16:53:16 +0000

[…] ago I wrote a blog article on „How to write simple but sound Yara rules„. Since then the mentioned techniques and tools have improved. I’d like to give you a […]