script.sh


1
2
3
4
5
6
7
8
9
10

MOUNT_PATH='/mnt/test'

mkdir -p "$MOUNT_PATH"

while read name
do
	sudo mount -t ext4 -oloop,ro,noload "$name" "$MOUNT_PATH"
	find -P -O3 -iname '*.ph*' -type f -size -5M -print0 -exec ./yara -r malwares.yara -f -s {}\;
	sudo umount "$MOUNT_PATH" || exit 1
done