You can test your Yara rules by using first the Yara command tool from windows or Linux.
The last version comes with source code :
1 2 | C:\>yara64.exe -v 3.7.1 |
For example, this rule shows us how to find files by size:
1 2 3 4 5 | global rule size { condition: filesize > 11MB and filesize < 22MB } |
This rule finds files by specify the size conditions MB, KB and return the result.
Then can be tested with Yara command tool:
1 2 3 | C:\>yara64.exe -smgr size.yara C:\Users\user\Downloads\ size [] [] C:\Users\user\Downloads\ ... |
This shows us the rule is working well and can be used also with Yara python module.