YARA v3.2.0 released: YARA is a tool aimed at helping malware researchers identify and classify malware samples.

Changelog for YARA v3.2.0:
+ ELF module
+ Hash module
+ New features in PE module
+ Big-endian version of intXX and uintXX functions
+ Modules can declare dictionary objects
+ Modules accept overloaded functions
+ Performance improvements
+ BUGFIX: “and” operator not working properly with integer operands
+ BUGFIX: False positive with strings with declared “fullword”, “wide” and “ascii”
+ BUGFIX: False positive with “wide fullword” strings shorter than 5 bytes
+ BUGFIX: Functions declared in a structure array not working properly
+ BUGFIX: “contains” operator causing segfault if operand is an undefined string

YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a. rule, consists of a set of strings and a boolean expression which determines its logic. Let’s see an example:
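The two rules below are an added illustration, not the rule originally shown on this page and not code from the YARA project. Every string, byte pattern and rule name in them is a constructed placeholder. The first rule shows the strings-plus-condition structure described above; the second uses the ELF module and a big-endian `uintXX` function from the changelog.

```yara
import "elf"

// Constructed example: a rule is a set of strings plus a boolean condition.
rule Example_PE_Family_Strings
{
    meta:
        description = "Constructed example rule; all patterns are placeholders"

    strings:
        // Text string, matched in both ASCII and UTF-16LE ("wide") form
        $url   = "http://update.example.invalid/gate.php" ascii wide
        // "fullword": matches only when delimited by non-alphanumeric bytes
        $mutex = "ExampleMutex01" fullword ascii
        // Hex string; ?? is a single-byte wildcard
        $stub  = { 55 8B EC 83 EC ?? 53 56 57 }

    condition:
        // "MZ" header read as a little-endian 16-bit value, bounded file
        // size, the code stub, and at least one of the two text strings
        uint16(0) == 0x5A4D and
        filesize < 2MB and
        $stub and
        1 of ($url, $mutex)
}

// Constructed example using features listed in the v3.2.0 changelog.
rule Example_ELF_Agent_Marker
{
    meta:
        description = "Constructed example rule; marker string is a placeholder"

    strings:
        $marker = "example-agent/1.0" ascii

    condition:
        // Big-endian read of the ELF magic bytes 7F 'E' 'L' 'F'
        uint32be(0) == 0x7F454C46 and
        // ELF module fields: executable file built for x86-64
        elf.type == elf.ET_EXEC and
        elf.machine == elf.EM_X86_64 and
        $marker
}
```

Saved to a rules file, these can be run from the command line as `yara RULES_FILE TARGET`.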
YARA is multi-platform, running on Windows, Linux and Mac OS X, and can be used through its command-line interface or from your own Python scripts with the yara-python extension. A YARA editor is also available here: https://code.google.com/p/yara-editor/downloads/list

Download :
Windows Binary : https://googledrive.com/host/0BznOMqZ9f3VUek8yN3VvSGdhRFU
Tarball : v3.2.0.tar.gz
Source: http://yara.readthedocs.org/en/v3.2.0/index.html