CrowdStrike / xwf-yara-scanner

MIT License

Cannot load “C:\Program Files\X-Ways Forensics\x64\XT_Yara.dll”.XT_Init() signals not ready:-1 #5

Closed SamotZak closed 1 year ago

SamotZak commented 1 year ago

Hi, I'm trying to use the X-Tension with XWF 20.7 SR-1 x64, but I get an error after I select a file of yara rules: “Cannot load “C:\Program Files\X-Ways Forensics\x64\XT_Yara.dll”.XT_Init() signals not ready:-1”. I also tested version v.1.1 and different yara rules (tested and working with other tools), and tried to run it on a different forensic machine, and got the same error.

ctmayhew commented 1 year ago

Hi @SamotZak. It looks like you are using the compiled rule file. Can you test with a non-compiled ruleset and see if there is the same error?

SamotZak commented 1 year ago

> Hi @SamotZak. It looks like you are using the compiled rule file. Can you test with a non-compiled ruleset and see if there is the same error?

Hello @ctmayhew, actually the yara ruleset was not compiled. Please find the error for the compiled yara rule in the screenshot.

In addition, I'm pretty sure that there was no issue with v.1.0 some time ago.

ctmayhew commented 1 year ago

It assumes your rule file is compiled if it ends with .yar or .yara. If you have named your non-compiled ruleset with .yara it will break? Can you check and if so, just end the filename with something else like .txt

SamotZak commented 1 year ago

It worked when I changed the file extension to *.txt.

ctmayhew commented 1 year ago

Ah good. The new version will assume .yar/yara = compiled and .txt = not compiled. I'll clarify this in the documentation.
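
The following pre-flight check is an added example, not part of the thread and not the project's own code: it classifies a rule file by its content and flags the case reported above, where the content disagrees with what the extension implies (.yar/.yara = compiled, .txt = not compiled). It assumes that compiled rules saved by libyara begin with the ASCII magic `YARA`; the function names and the sample files are constructed for illustration.

```python
import os
import tempfile

COMPILED_MAGIC = b"YARA"           # assumption: magic at the start of saved compiled rules
COMPILED_EXTS = {".yar", ".yara"}  # per the thread: treated as compiled
SOURCE_EXTS = {".txt"}             # per the thread: treated as not compiled

def sniff_kind(path):
    """Classify by content: 'compiled' if the file starts with the magic, else 'source'."""
    with open(path, "rb") as fh:
        return "compiled" if fh.read(4) == COMPILED_MAGIC else "source"

def expected_kind(path):
    """Classify by extension, following the convention stated in the thread."""
    ext = os.path.splitext(path)[1].lower()
    if ext in COMPILED_EXTS:
        return "compiled"
    return "source" if ext in SOURCE_EXTS else None

def check_rule_file(path):
    """Return (ok, message); ok is False when content and extension disagree."""
    actual, implied = sniff_kind(path), expected_kind(path)
    if implied is None:
        return False, f"{path}: extension not covered by the convention ({actual} content)"
    if actual != implied:
        target = ".txt" if actual == "source" else ".yar"
        return False, f"{path}: {actual} content, extension implies {implied}; rename to *{target}"
    return True, f"{path}: {actual} content matches extension"

def demo():
    """Run the check over constructed sample files; return {filename: ok}."""
    source = b'rule demo { strings: $a = "abc" condition: $a }\n'  # constructed
    compiled_stub = COMPILED_MAGIC + b"\x00" * 12  # constructed header stub, not real rules
    samples = {"rules.yara": source, "rules.txt": source,
               "rules.yar": compiled_stub, "compiled.txt": compiled_stub}
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in samples.items():
            path = os.path.join(tmp, name)
            with open(path, "wb") as fh:
                fh.write(data)
            ok, message = check_rule_file(path)
            print("OK  " if ok else "FAIL", message)
            results[name] = ok
    return results

if __name__ == "__main__":
    demo()
```

Running `check_rule_file` on a ruleset before selecting it in X-Ways Forensics shows whether a rename is needed, instead of finding out from the `XT_Init() signals not ready` dialog.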