Installation

Warning

It is recommended to use yaramail in a different OS than what is targeted by the potential malware you are scanning. Consider using yaramail inside of a container or VM for additional security.

System dependencies

Some system dependencies must be installed before installing yaramail.

Debian, Ubuntu, and friends

sudo apt install build-essential libssl-dev libpoppler-cpp-dev pkg-config python3-dev

Fedora, Red Hat, and friends

sudo yum install gcc-c++ pkgconfig openssl-devel poppler-cpp-devel python3-devel

macOS

Install Homebrew, then run the following commands in a terminal.

brew install pkg-config openssl@3 poppler python
export LDFLAGS="-L$(brew --prefix)/opt/openssl@3/lib"
export CPPFLAGS="-I$(brew --prefix)/opt/openssl@3/include"
pip install yara-python

Windows

  1. Install the Microsoft Visual Studio Build Tools

  2. Install Anaconda Distribution

  3. Use Anaconda Navigator to create a new Anaconda Environment

  4. Click the play button for the Anaconda Environment

  5. Click Open Terminal

  6. Run conda install -c conda-forge openssl poppler and leave the terminal open:

  7. Configure your Python IDE/project to use the Anaconda Environment

Install yaramail

Important

The official name for this project, package, and module is yaramail. Unfortunately, the Python Package Index (PyPI) did not allow that name to be used there, so the PyPI project name for yaramail is yara-mail.

Warning

Never install Python packages as root or with sudo. Not only is it a huge security risk, but doing that will also pollute the system Python environment.

It is recommended to create a separate Python virtual environment for any project that will use yaramail.

Note

Conda environments are a type of virtual environment, so if you are using a Conda environment, there is no need to create a virtual environment.

Once the virtual environment has been created and activated, use pip to install yaramail.

pip3 install -U yara-mail

Alternatively, if you would like to install the yaramail CLI as a user tool, run this command outside of a virtual environment:

pip3 install --user -U yara-mail