Add new renderer to display string matches for rules #488

Merged
merged 5 commits into from
Oct 6, 2024

Conversation

@egibs egibs (Member) commented Oct 5, 2024

I've been running yara -r <rule path> <path> -s a lot recently. Now that we track rule names in the Behavior struct, we can correlate this to the rule matches.

This PR adds a new renderer to display the file report path, its risk level, the number of rules that matched, each rule that has string matches, and the number of strings per rule match (sorted alphabetically by rule name ascending).

For example:

go run cmd/mal/mal.go --format strings analyze /usr/bin/bash
Matches for /usr/bin/bash [HIGH] (35 rules):
HOME [LOW] (2 strings): 
- HOME
- getenv
LANG_getenv [LOW] (2 strings): 
- LANG
- getenv
SHELL [LOW] (1 string): 
- SHELL
TERM [LOW] (1 string): 
- TERM
TMPDIR [LOW] (2 strings): 
- TMPDIR
- getenv
bash_history [HIGH] (1 string): 
- .bash_history
calls_shell [MED] (1 string): 
- /bin/sh
chdir_shell [LOW] (1 string): 
- cd which change the
chmod [MED] (1 string): 
- chmod
custom_path [LOW] (4 strings): 
- /bin:/usr/
- /sbin:/bin
- /usr/bin:/sbin
- PATH
dlsym [MED] (1 string): 
- dlsym
etc_hosts [MED] (1 string): 
- /etc/hosts
etc_path [LOW] (4 strings): 
- /etc/bash.bashrc
- /etc/hosts
- /etc/inputrc
- /etc/profile

Here's what it looks like in-terminal for analyze (partial screenshot):
[screenshot: analyze output]

The renderer works for scan as well:
[screenshot: scan output]

Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
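The renderer described in the PR above, reconstructed as an added Go example. This is not malcontent's own code: the Behavior and FileReport types, their field names, and the sampleReport data are assumptions made for illustration, and the two-space indent under each rule and the byte-order sort of the matched strings (which is what the sample output above shows) are layout choices rather than documented behaviour of the project.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Behavior is a constructed stand-in for one matched rule (assumption:
// the real project's struct has different or additional fields).
type Behavior struct {
	RuleName     string
	RiskLevel    string
	MatchStrings []string // strings the rule matched; empty if the rule had none
}

// FileReport is a constructed stand-in for one scanned file's report (assumption).
type FileReport struct {
	Path      string
	RiskLevel string
	Behaviors []Behavior
}

// RenderStrings writes the "strings" style report: the file path, its overall
// risk, the total number of matched rules, then every rule that has string
// matches (sorted by rule name ascending, byte order) with its risk level,
// its string count and the strings themselves.
func RenderStrings(fr FileReport) string {
	var b strings.Builder
	fmt.Fprintf(&b, "Matches for %s [%s] (%d rules):\n", fr.Path, fr.RiskLevel, len(fr.Behaviors))

	// Keep only rules that actually produced string matches; the header count
	// above still includes every matched rule.
	withStrings := make([]Behavior, 0, len(fr.Behaviors))
	for _, bh := range fr.Behaviors {
		if len(bh.MatchStrings) > 0 {
			withStrings = append(withStrings, bh)
		}
	}
	sort.Slice(withStrings, func(i, j int) bool {
		return withStrings[i].RuleName < withStrings[j].RuleName
	})

	for _, bh := range withStrings {
		noun := "strings"
		if len(bh.MatchStrings) == 1 {
			noun = "string"
		}
		fmt.Fprintf(&b, "%s [%s] (%d %s):\n", bh.RuleName, bh.RiskLevel, len(bh.MatchStrings), noun)

		// Copy before sorting so the caller's slice is left untouched.
		ms := append([]string(nil), bh.MatchStrings...)
		sort.Strings(ms)
		for _, s := range ms {
			fmt.Fprintf(&b, "  - %s\n", s)
		}
	}
	return b.String()
}

// sampleReport is constructed input modelled on the bash example in the PR.
func sampleReport() FileReport {
	return FileReport{
		Path:      "/usr/bin/bash",
		RiskLevel: "HIGH",
		Behaviors: []Behavior{
			{RuleName: "calls_shell", RiskLevel: "MED", MatchStrings: []string{"/bin/sh"}},
			{RuleName: "HOME", RiskLevel: "LOW", MatchStrings: []string{"getenv", "HOME"}},
			{RuleName: "no_strings_rule", RiskLevel: "LOW"}, // matched, but no strings to list
		},
	}
}

func main() {
	fmt.Print(RenderStrings(sampleReport()))
}
```

Uppercase rule names such as HOME sort ahead of lowercase ones such as bash_history because Go compares strings byte-wise, which matches the ordering in the sample output above; rules without string matches count toward the header total but are not listed.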
@egibs egibs requested a review from tstromberg October 5, 2024 21:54
egibs added 2 commits October 5, 2024 17:30
Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
egibs added 2 commits October 6, 2024 15:37
Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
@egibs egibs merged commit 2a59576 into chainguard-dev:main Oct 6, 2024
6 checks passed
@egibs egibs deleted the print-string-matches branch October 8, 2024 12:41