| Key | Value |
|---|---|
| FileName | ./usr/share/doc/yara/copyright |
| FileSize | 2980 |
| MD5 | 7B34E0CCBB5D48D1F94FB4ED3D026D58 |
| SHA-1 | 818E6B0473EE9E2D1284C082793CDA77241F762D |
| SHA-256 | A68CDFF8BD376A1776787127CEAAFFEA83D2A6D685A918A6D55B23FFC42E46A1 |
| SSDEEP | 48:iDaRcaTKH4OX0ehzH31cSnxU4NOYrYJ0rYJ1DP4a2r437W32scMEtu33tYTHv:+ayaTe4gPzHFcSm4gYrYJ0rYJ1T53y3Q |
| TLSH | T1EB51D95B29444FB32BE056C13E3FE6CA730A902D3627974A386CD180AB7721F95F90D1 |
| hashlookup:parent-total | 20 |
| hashlookup:trust | 100 |
The searched file hash is included in 20 parent files which include package known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileSize | 12686 |
| MD5 | EA8C59C780BB43DAE3F9FF241A5B027F |
| PackageDescription | help to identify and classify malwares (Python bindings) YARA is a tool aimed at helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families based on textual or binary patterns contained on samples of those families. Each description consists of a set of strings and a Boolean expression which determines its logic. This is useful in forensics analysis. . Complex and powerful rules can be created by using binary strings with wild-cards, case-insensitive text strings, special operators, regular expressions and many other features. . Are examples of the organizations and services using YARA: . - VirusTotal Intelligence (https://www.virustotal.com/intelligence/) - jsunpack-n (http://jsunpack.jeek.org/) - We Watch Your Website (http://www.wewatchyourwebsite.com/) - FireEye, Inc. (http://www.fireeye.com) - Fidelis XPS (http://www.fidelissecurity.com/network-security-appliance/ \ Fidelis-XPS) . The Volatility Framework is an example of the software that uses YARA. . This package provides Python 2 bindings. |
| PackageMaintainer | Debian Forensics <forensics-devel@lists.alioth.debian.org> |
| PackageName | python-yara |
| PackageSection | python |
| PackageVersion | 3.1.0-2+deb8u1 |
| SHA-1 | 0166A8313D510F438F285547C7883C321FD3184E |
| SHA-256 | F54D7543D50155E21114066AF937E9C2215FB59457DD746285506C36C6F0584B |
| Key | Value |
|---|---|
| FileSize | 12416 |
| MD5 | 4D385AFFD727196FB2AB464F150A15E1 |
| PackageDescription | help to identify and classify malwares (Python 3 bindings) YARA is a tool aimed at helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families based on textual or binary patterns contained on samples of those families. Each description consists of a set of strings and a Boolean expression which determines its logic. This is useful in forensics analysis. . Complex and powerful rules can be created by using binary strings with wild-cards, case-insensitive text strings, special operators, regular expressions and many other features. . Are examples of the organizations and services using YARA: . - VirusTotal Intelligence (https://www.virustotal.com/intelligence/) - jsunpack-n (http://jsunpack.jeek.org/) - We Watch Your Website (http://www.wewatchyourwebsite.com/) - FireEye, Inc. (http://www.fireeye.com) - Fidelis XPS (http://www.fidelissecurity.com/network-security-appliance/ \ Fidelis-XPS) . The Volatility Framework is an example of the software that uses YARA. . This package provides Python 3 bindings. |
| PackageMaintainer | Debian Forensics <forensics-devel@lists.alioth.debian.org> |
| PackageName | python3-yara |
| PackageSection | python |
| PackageVersion | 3.1.0-2+deb8u1 |
| SHA-1 | 05549A3997D803634C4C26A26FBA421EE22D3438 |
| SHA-256 | 7DCFB436F1DEE3750C750DFF8C169B9768B7C633D889C56C6FE60515DC203F42 |
| Key | Value |
|---|---|
| FileSize | 77922 |
| MD5 | C3E5EA78CA98C3A7066E914BFCDDD083 |
| PackageDescription | help to identify and classify malwares (development files) YARA is a tool aimed at helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families based on textual or binary patterns contained on samples of those families. Each description consists of a set of strings and a Boolean expression which determines its logic. This is useful in forensics analysis. . Complex and powerful rules can be created by using binary strings with wild-cards, case-insensitive text strings, special operators, regular expressions and many other features. . Are examples of the organizations and services using YARA: . - VirusTotal Intelligence (https://www.virustotal.com/intelligence/) - jsunpack-n (http://jsunpack.jeek.org/) - We Watch Your Website (http://www.wewatchyourwebsite.com/) - FireEye, Inc. (http://www.fireeye.com) - Fidelis XPS (http://www.fidelissecurity.com/network-security-appliance/ \ Fidelis-XPS) . The Volatility Framework is an example of the software that uses YARA. . This package provides development libraries and headers. |
| PackageMaintainer | Debian Forensics <forensics-devel@lists.alioth.debian.org> |
| PackageName | libyara-dev |
| PackageSection | libdevel |
| PackageVersion | 3.1.0-2+deb8u1 |
| SHA-1 | 0803E5407BDADDA5C08F6E4D27D239B8F82D1D7D |
| SHA-256 | 72E9171EE2BA5133EFF7F44EEA70AA482A1ED9C3E6528F78B8C71F2AC67B14EC |
| Key | Value |
|---|---|
| FileSize | 79526 |
| MD5 | EEC223E53943752BC965852CE2113F73 |
| PackageDescription | help to identify and classify malwares (development files) YARA is a tool aimed at helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families based on textual or binary patterns contained on samples of those families. Each description consists of a set of strings and a Boolean expression which determines its logic. This is useful in forensics analysis. . Complex and powerful rules can be created by using binary strings with wild-cards, case-insensitive text strings, special operators, regular expressions and many other features. . Are examples of the organizations and services using YARA: . - VirusTotal Intelligence (https://www.virustotal.com/intelligence/) - jsunpack-n (http://jsunpack.jeek.org/) - We Watch Your Website (http://www.wewatchyourwebsite.com/) - FireEye, Inc. (http://www.fireeye.com) - Fidelis XPS (http://www.fidelissecurity.com/network-security-appliance/ \ Fidelis-XPS) . The Volatility Framework is an example of the software that uses YARA. . This package provides development libraries and headers. |
| PackageMaintainer | Debian Forensics <forensics-devel@lists.alioth.debian.org> |
| PackageName | libyara-dev |
| PackageSection | libdevel |
| PackageVersion | 3.1.0-2+deb8u1 |
| SHA-1 | 0C4A24CF5BC418737B583BCA27FAF9A9FF6A9637 |
| SHA-256 | 9DE56B0FF8F4BB6C09F08891B4C52B856F9DB9A33F6E51276FAAB745C4CBC4CC |
| Key | Value |
|---|---|
| FileSize | 86414 |
| MD5 | 71583C939AA16C16568E5D052AB3788F |
| PackageDescription | help to identify and classify malwares YARA is a tool aimed at helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families based on textual or binary patterns contained on samples of those families. Each description consists of a set of strings and a Boolean expression which determines its logic. This is useful in forensics analysis. . Complex and powerful rules can be created by using binary strings with wild-cards, case-insensitive text strings, special operators, regular expressions and many other features. . Are examples of the organizations and services using YARA: . - VirusTotal Intelligence (https://www.virustotal.com/intelligence/) - jsunpack-n (http://jsunpack.jeek.org/) - We Watch Your Website (http://www.wewatchyourwebsite.com/) - FireEye, Inc. (http://www.fireeye.com) - Fidelis XPS (http://www.fidelissecurity.com/network-security-appliance/ \ Fidelis-XPS) . The Volatility Framework is an example of the software that uses YARA. |
| PackageMaintainer | Debian Forensics <forensics-devel@lists.alioth.debian.org> |
| PackageName | yara |
| PackageSection | utils |
| PackageVersion | 3.1.0-2+deb8u1 |
| SHA-1 | 1625D24E84C18CC43BE19CA15CEAD1769F9E54AD |
| SHA-256 | 2BCEA359B5D6211BB767D7BBA54734756ABBB76120E7E490EF6F4A0DB089051E |
| Key | Value |
|---|---|
| FileSize | 62420 |
| MD5 | 3942BDD9AEAF786343673DE3CB58C836 |
| PackageDescription | help to identify and classify malwares (shared library) YARA is a tool aimed at helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families based on textual or binary patterns contained on samples of those families. Each description consists of a set of strings and a Boolean expression which determines its logic. This is useful in forensics analysis. . Complex and powerful rules can be created by using binary strings with wild-cards, case-insensitive text strings, special operators, regular expressions and many other features. . Are examples of the organizations and services using YARA: . - VirusTotal Intelligence (https://www.virustotal.com/intelligence/) - jsunpack-n (http://jsunpack.jeek.org/) - We Watch Your Website (http://www.wewatchyourwebsite.com/) - FireEye, Inc. (http://www.fireeye.com) - Fidelis XPS (http://www.fidelissecurity.com/network-security-appliance/ \ Fidelis-XPS) . The Volatility Framework is an example of the software that uses YARA. . This package provides a shared library. |
| PackageMaintainer | Debian Forensics <forensics-devel@lists.alioth.debian.org> |
| PackageName | libyara3 |
| PackageSection | libs |
| PackageVersion | 3.1.0-2+deb8u1 |
| SHA-1 | 22D921654005953396D1022D796B0E1A3BCAA21D |
| SHA-256 | C3BC3A962578B01AA96F08D04C480164C9EB5714BDAC66597BCB77C6A9AE2813 |
| Key | Value |
|---|---|
| FileSize | 85452 |
| MD5 | 58BAC76F0CC231CC497676DB629D55B2 |
| PackageDescription | help to identify and classify malwares (development files) YARA is a tool aimed at helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families based on textual or binary patterns contained on samples of those families. Each description consists of a set of strings and a Boolean expression which determines its logic. This is useful in forensics analysis. . Complex and powerful rules can be created by using binary strings with wild-cards, case-insensitive text strings, special operators, regular expressions and many other features. . Are examples of the organizations and services using YARA: . - VirusTotal Intelligence (https://www.virustotal.com/intelligence/) - jsunpack-n (http://jsunpack.jeek.org/) - We Watch Your Website (http://www.wewatchyourwebsite.com/) - FireEye, Inc. (http://www.fireeye.com) - Fidelis XPS (http://www.fidelissecurity.com/network-security-appliance/ \ Fidelis-XPS) . The Volatility Framework is an example of the software that uses YARA. . This package provides development libraries and headers. |
| PackageMaintainer | Debian Forensics <forensics-devel@lists.alioth.debian.org> |
| PackageName | libyara-dev |
| PackageSection | libdevel |
| PackageVersion | 3.1.0-2+deb8u1 |
| SHA-1 | 2EFACE1EF798A048C2EEDBD98F02E022DC51BAAF |
| SHA-256 | C0864B279396F522463064E6ABA62BCA287EEECC186A1EA8DAA3BCF5C2A03AAC |
| Key | Value |
|---|---|
| FileSize | 59158 |
| MD5 | 3AEBEF79405640AC2D7C467C2BF52B37 |
| PackageDescription | help to identify and classify malwares (shared library) YARA is a tool aimed at helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families based on textual or binary patterns contained on samples of those families. Each description consists of a set of strings and a Boolean expression which determines its logic. This is useful in forensics analysis. . Complex and powerful rules can be created by using binary strings with wild-cards, case-insensitive text strings, special operators, regular expressions and many other features. . Are examples of the organizations and services using YARA: . - VirusTotal Intelligence (https://www.virustotal.com/intelligence/) - jsunpack-n (http://jsunpack.jeek.org/) - We Watch Your Website (http://www.wewatchyourwebsite.com/) - FireEye, Inc. (http://www.fireeye.com) - Fidelis XPS (http://www.fidelissecurity.com/network-security-appliance/ \ Fidelis-XPS) . The Volatility Framework is an example of the software that uses YARA. . This package provides a shared library. |
| PackageMaintainer | Debian Forensics <forensics-devel@lists.alioth.debian.org> |
| PackageName | libyara3 |
| PackageSection | libs |
| PackageVersion | 3.1.0-2+deb8u1 |
| SHA-1 | 32223F7A5A7F0AD9EF6EF59B0F3FC7A9EEE9D905 |
| SHA-256 | C3EBB4222C8BBA89FA297B7ABE87D7FCBB4C63314280E3764543DCA4F6475581 |
| Key | Value |
|---|---|
| FileSize | 13442 |
| MD5 | FFF35EC73C109CE678B1E8EA95968DD0 |
| PackageDescription | help to identify and classify malwares (Python bindings) YARA is a tool aimed at helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families based on textual or binary patterns contained on samples of those families. Each description consists of a set of strings and a Boolean expression which determines its logic. This is useful in forensics analysis. . Complex and powerful rules can be created by using binary strings with wild-cards, case-insensitive text strings, special operators, regular expressions and many other features. . Are examples of the organizations and services using YARA: . - VirusTotal Intelligence (https://www.virustotal.com/intelligence/) - jsunpack-n (http://jsunpack.jeek.org/) - We Watch Your Website (http://www.wewatchyourwebsite.com/) - FireEye, Inc. (http://www.fireeye.com) - Fidelis XPS (http://www.fidelissecurity.com/network-security-appliance/ \ Fidelis-XPS) . The Volatility Framework is an example of the software that uses YARA. . This package provides Python 2 bindings. |
| PackageMaintainer | Debian Forensics <forensics-devel@lists.alioth.debian.org> |
| PackageName | python-yara |
| PackageSection | python |
| PackageVersion | 3.1.0-2+deb8u1 |
| SHA-1 | 36ECA64AB43AF587D35B23B5D6E19361477BB2DD |
| SHA-256 | 734D1DCAD23EB1991612957C3C7B5245E26E255E96BB41E8D247F9576C2AC94B |
| Key | Value |
|---|---|
| FileSize | 14106 |
| MD5 | 98A8B27E11F8F8001797D0E54272FF94 |
| PackageDescription | help to identify and classify malwares (Python bindings) YARA is a tool aimed at helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families based on textual or binary patterns contained on samples of those families. Each description consists of a set of strings and a Boolean expression which determines its logic. This is useful in forensics analysis. . Complex and powerful rules can be created by using binary strings with wild-cards, case-insensitive text strings, special operators, regular expressions and many other features. . Are examples of the organizations and services using YARA: . - VirusTotal Intelligence (https://www.virustotal.com/intelligence/) - jsunpack-n (http://jsunpack.jeek.org/) - We Watch Your Website (http://www.wewatchyourwebsite.com/) - FireEye, Inc. (http://www.fireeye.com) - Fidelis XPS (http://www.fidelissecurity.com/network-security-appliance/ \ Fidelis-XPS) . The Volatility Framework is an example of the software that uses YARA. . This package provides Python 2 bindings. |
| PackageMaintainer | Debian Forensics <forensics-devel@lists.alioth.debian.org> |
| PackageName | python-yara |
| PackageSection | python |
| PackageVersion | 3.1.0-2+deb8u1 |
| SHA-1 | 3BD2B4EE0B25D71BCE22598CC6F8BAD03D50C8F6 |
| SHA-256 | 5BAE755474D0C43114EEFAAEE5158139EB066FCBEC76D4B7E1BE85525E5C195D |