tl;dr: Install a 32-bit VM, compile Yara, copy files over. See link below for files to just install.

Last Friday, pnX posted that he updated his awesome IDA plug-in, IDAScope, to include Yara support. This means that you can now run Yara sigs against files you are reversing to help in the analysis process.

After I installed the new version of IDAScope into IDA Pro, however, I received errors stating that Yara could not be imported. I thought this was odd as I had Yara installed on my system, until I remembered how IDA works on a 64-bit Linux system. The following is based off my observations and experiences. If I am incorrect on this, please forgive me and let me know in the comments. Even the 64-bit version of IDA is compiled as a 32-bit program.
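
One way to confirm the 32-bit/64-bit mismatch described above is to compare the pointer width of the Python interpreter inside IDA with the ELF class of the compiled module it fails to import. This is an added example, not code from the original post or from IDAScope; the function names and the sample headers are constructed for illustration, and the path to the Yara module on a given system is not stated on the page and has to be supplied.

```python
import struct

ELF_MAGIC = b"\x7fELF"
ELF_CLASS_BITS = {1: 32, 2: 64}  # e_ident[EI_CLASS]: ELFCLASS32, ELFCLASS64

# Constructed 16-byte e_ident samples (not taken from any real yara build).
SAMPLE_ELF32 = b"\x7fELF\x01\x01\x01" + b"\x00" * 9
SAMPLE_ELF64 = b"\x7fELF\x02\x01\x01" + b"\x00" * 9


def interpreter_bits():
    """Pointer width, in bits, of the Python interpreter running this code."""
    return struct.calcsize("P") * 8


def elf_bits(header):
    """Return 32 or 64 for an ELF header, or None if it is not a valid ELF."""
    data = bytearray(header)  # indexes as ints on both Python 2 and 3
    if len(data) < 5 or bytes(data[:4]) != ELF_MAGIC:
        return None
    return ELF_CLASS_BITS.get(data[4])


def compatibility(header, want_bits):
    """Classify a module header against the bitness the host process needs."""
    got = elf_bits(header)
    if got is None:
        return "not-elf"
    if got == want_bits:
        return "ok"
    return "mismatch (%d-bit module, %d-bit host)" % (got, want_bits)


def check_module(path, want_bits=None):
    """Read a compiled module from disk and compare it with this interpreter."""
    if want_bits is None:
        want_bits = interpreter_bits()
    with open(path, "rb") as fh:
        return compatibility(fh.read(16), want_bits)


if __name__ == "__main__":
    # A 64-bit module offered to a 32-bit host, the case in the post.
    print(compatibility(SAMPLE_ELF64, 32))
    print(compatibility(SAMPLE_ELF32, 32))
```

Run `interpreter_bits()` from IDA's Python console to see what the host process needs, then call `check_module()` on the compiled Yara module file that the import is picking up.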