Using Yara Rules With IDA Pro - New Tool!
Open Analysis Live! In this tutorial we take a look at two different methods to identify strings, binary data, and Yara matches in IDA Pro. First we use IDA's binary search to locate Yara matches manually; then we introduce FindYara, a new IDA Pro plugin that adds Yara search to IDA.
Unpacked Loki malware sample:
https://malshare.com/sample.php?actio...
IDA Plugin FindYara:
https://github.com/OALabs/FindYara
Yara documentation:
http://yara.readthedocs.io/en/v3.7.0/
Tutorial what opcodes mean and how to reference them in IDA:
https://youtu.be/Zb8rkVjj-mQ
Feedback, questions, and suggestions are always welcome : )
Sergei https://twitter.com/herrcore
Sean https://twitter.com/seanmw
As always check out our tools, tutorials, and more content over at http://www.openanalysis.net