undefined identifier "is__elf"

[jestrada78]

Hello.
When I execute the next command:

vol.py -f mem.elf --profile=Win7SP1_24000 yarascan -y c:\rules-master\index.yar
I get tehe following message:
ERROR : volatility.debug : Cannot compile rules: ./malware/MALW_Mirai_Okiru_ELF.yar(21): undefined identifier "is__elf"

I'm new with yara..
Thanks in advance

[jestrada78]

Please can someone explainme what is this?

[jovimon]

Hello @jestrada78,
The line that generated your error contains a reference to a rule that resides in this other file.
There wasn't a link for the other file in the general index.yar file so it couldn't find the reference.
I just solved the problem with commit 26f4381.
Please update your repo and check again.
If the error is gone please let us know and close the issue.
Thank you very much.

[jestrada78]

Thank you!! I realized just yesterday that the possible problem could be that the file 000_common_rules.yar was not included in the index. I added it, but in that case it said that it was duplicated, but when I'm home I'll check and try what you say

[jholgui]

@jestrada78, is it solved problem??

[jestrada78]

Yes it is. I downloaded it again a time after and it looks to have been solved

[seifreed]

Closing the issue, as was resolved