UnpacMe Support For YARA-X

We are excited to announce that UnpacMe has integrated support for YARA-X, a new project recently released by Google’s VirusTotal team. YARA-X is a complete rewrite of YARA developed in Rust. According to the announcement, future features and modules will be exclusively developed for YARA-X, rather than the existing YARA project. We wanted to add support early to enable analysts to take advantage of the new features.

You can start using YARA-X with UnpacMe today by enabling it in the YARA Hunt settings.

All of our YARA validation tests are now also available with YARA-X. Although the YARA-X project promises 99% rule compatibility with YARA, there are some significant differences that analysts should be aware of. We recommend testing your rules with the engine they are intended to be run on.

We will continue to support both the traditional YARA engine and the new YARA-X engine for the foreseeable future.

Happy Hunting!