YARA release candidate 1 for version 4.3.0 brings a Windows fix for the –skip-larger option.
IIRC, the –skip-larger option was introduced about a year ago, and allows one to specify a filesize to skip files. Files larger than the given size would no be scanned during a directory scan.
Unfortunately, this feature was not implemented in the Windows version of YARA, but now it is.
Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.