Skip to main content

Yara

Download PDF

The page displays a list of YARA signatures. YARA signatures can be used to detect known malware, malicious behavioral patterns, and their classification.

There is a mandatory list of signatures from the vendor, highlighted in gray.

Fig. 4.6.1 - YARA signatures table

Fig. 4.6.1 - YARA signatures table

By clicking on the buttonyou can open a window with detailed information about the modules and more.

Fig. 4.6.2 - Window with detailed information about Yara

Fig. 4.6.2 - Window with detailed information about Yara

The buttonallows you to download the Yara signature as a .yara file format.

The import of a rule is carried out using the button

For import, you need to specify the path to the file in the ".yara" format, as well as provide a name and description. Vendor signatures can only be updated through the system functionality using the button . An archive file with signatures is used as input.