Introduction
What?
Yet Another Ridiculous Acronym (Yara) was developed by Victor M. Alvarez (@plusvic) and @VirusTotal, and is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples.
Why?
Yara can identify information based on both binary and textual patterns, such as hexadecimal and strings contained within a file. It can be used in combination with many other useful tools.