yara-x 1.15.0

A pure Rust implementation of YARA.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59

rule long_hex_seq {
	strings:
		$h = { (
			2D A? FF FF FF ?? ?? |
			2D B? FF FF FF ?? ?? |
			2D C? FF FF FF ?? ?? |
			2D D? FF FF FF ?? ?? |
			81 E8 ( A? | B? | C? | D? ) FF FF FF ?? ?? |
			81 E9 ( A? | B? | C? | D? ) FF FF FF ?? ?? |
			81 EA ( A? | B? | C? | D? ) FF FF FF ?? ?? |
			81 EB ( A? | B? | C? | D? ) FF FF FF ?? ?? |
			81 ED ( A? | B? | C? | D? ) FF FF FF ?? ?? |
			81 EE ( A? | B? | C? | D? ) FF FF FF ?? ?? |
			81 EF ( A? | B? | C? | D? ) FF FF FF ?? ?? |
			6A 2? 03 ?? 24 ( 58 | 59 | 5A | 5B | 5D | 5E | 5F ) ?? ?? |
			6A 3? 03 ?? 24 ( 58 | 59 | 5A | 5B | 5D | 5E | 5F ) ?? ?? |
			6A 4? 03 ?? 24 ( 58 | 59 | 5A | 5B | 5D | 5E | 5F ) ?? ?? |
			6A 5? 03 ?? 24 ( 58 | 59 | 5A | 5B | 5D | 5E | 5F ) ?? ?? |
			83 C0 ( 2? | 3? | 4? | 5? ) ?? ?? |
			83 C1 ( 2? | 3? | 4? | 5? ) ?? ?? |
			83 C2 ( 2? | 3? | 4? | 5? ) ?? ?? |
			83 C3 ( 2? | 3? | 4? | 5? ) ?? ?? |
			83 C4 ( 2? | 3? | 4? | 5? ) ?? ?? |
			83 C5 ( 2? | 3? | 4? | 5? ) ?? ?? |
			83 C6 ( 2? | 3? | 4? | 5? ) ?? ?? |
			83 C7 ( 2? | 3? | 4? | 5? ) ?? ?? |
		    83 C8 ( 2? | 3? | 4? | 5? ) ?? ?? |
		    83 C9 ( 2? | 3? | 4? | 5? ) ?? ?? |
		    83 CA ( 2? | 3? | 4? | 5? ) ?? ?? |
	        83 CB ( 2? | 3? | 4? | 5? ) ?? ?? |
	        83 CC ( 2? | 3? | 4? | 5? ) ?? ?? |
	        83 CD ( 2? | 3? | 4? | 5? ) ?? ?? |
	        83 CE ( 2? | 3? | 4? | 5? ) ?? ?? |
	        83 D0 ( 2? | 3? | 4? | 5? ) ?? ?? |
	        83 D1 ( 2? | 3? | 4? | 5? ) ?? ?? |
	        83 D2 ( 2? | 3? | 4? | 5? ) ?? ?? |
	        83 D3 ( 2? | 3? | 4? | 5? ) ?? ?? |
            83 D4 ( 2? | 3? | 4? | 5? ) ?? ?? |
            83 D5 ( 2? | 3? | 4? | 5? ) ?? ?? |
            83 D6 ( 2? | 3? | 4? | 5? ) ?? ?? |
            83 D7 ( 2? | 3? | 4? | 5? ) ?? ?? |
            83 D8 ( 2? | 3? | 4? | 5? ) ?? ?? |
            83 D9 ( 2? | 3? | 4? | 5? ) ?? ?? |
            83 DA ( 2? | 3? | 4? | 5? ) ?? ?? |
            83 DB ( 2? | 3? | 4? | 5? ) ?? ?? |
            83 DC ( 2? | 3? | 4? | 5? ) ?? ?? |
            83 DD ( 2? | 3? | 4? | 5? ) ?? ?? |
            83 DE ( 2? | 3? | 4? | 5? ) ?? ?? |
            83 DF ( 2? | 3? | 4? | 5? ) ?? ?? |
			8D 40 ( 2? | 3? | 4? | 5? ) ?? ?? |
			8D 49 ( 2? | 3? | 4? | 5? ) ?? ?? |
			8D 52 ( 2? | 3? | 4? | 5? ) ?? ?? |
			8D 5B ( 2? | 3? | 4? | 5? ) ?? ?? |
			8D 6D ( 2? | 3? | 4? | 5? ) ?? ?? |
			8D 76 ( 2? | 3? | 4? | 5? ) ?? ?? |
			8D 7F ( 2? | 3? | 4? | 5? ) ?? ?? ) }
	condition:
		$h
}