Blog | G5 Cyber Security

YARA: Simple and effective way of dissecting malware

YARA is a tool that provides a robust rule language compatible with Perl-style regular expressions. It is used to examine suspected files and directories and match the strings defined in YARA rules against the file. YARA strings come in 3 types, named as follows: hexadecimal, wildcard, jumps, and wide character strings. YARA has its own regular expression engine, which mostly resembles PCRE. It can also be used to check whether a particular string is present at a specified offset of a running process. For example, $test_string1 will find test_1 within the memory range 100 to 200.

Source: https://resources.infosecinstitute.com/topic/yara-simple-effective-way-dissecting-malware/
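The string kinds and the offset-range condition described above, shown together in a single rule. This is an added example written for this page; it is not code from the original post or from the Infosec Institute article it summarises. The rule name, every byte pattern and text string, and the 100..200 range are constructed placeholders chosen only to illustrate the syntax, not indicators of any real malware.

```yara
// Added example (not from the original post): a constructed rule that
// exercises each string kind the summary names. All patterns below are
// illustrative placeholders, not real indicators.
rule example_string_kinds
{
    meta:
        description = "Hex, wildcard, jump and wide strings with an offset-range condition"

    strings:
        // plain hexadecimal byte sequence
        $hex_plain = { 4D 5A 90 00 }

        // wildcard: each ?? matches any single byte at that position
        $hex_wild  = { E8 ?? ?? ?? ?? 83 C4 }

        // jump: [4-8] matches any run of 4 to 8 arbitrary bytes
        $hex_jump  = { 68 [4-8] FF 15 }

        // wide: also match the UTF-16LE encoding (a zero byte after each
        // ASCII character); ascii keeps the plain form, nocase ignores case
        $wide_str  = "test_1" wide ascii nocase

        // regular expression in YARA's PCRE-like syntax
        $test_string1 = /test_[0-9]{1,3}/

    condition:
        // the regex must match starting somewhere in bytes 100..200 of the
        // scanned file or process memory, plus any one of the other patterns
        $test_string1 in (100..200) and
        ($hex_plain at 0 or $hex_wild or $hex_jump or $wide_str)
}
```

Every string declared in a rule must be referenced in its condition, otherwise the compiler rejects the rule; the `at` and `in (..)` operators are what turn a plain string match into the positional check the paragraph describes.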
