Virtual Analyzer uses YARA rules to identify malware. YARA rules are malware detection patterns that are fully customizable to identify targeted attacks and security threats specific to your environment. Deep Discovery Analyzer supports a maximum of 5,000 YARA rules regardless of the number of YARA rule files.
The following columns show information about YARA rule files.
|
Column Name |
Information |
|---|---|
|
File name |
Name of the YARA rule file |
|
Rules |
Number of YARA rules contained in the YARA rule file |
|
Files to analyze |
File types to analyze using the YARA rules in the YARA rule file |
|
Added |
Date and time the YARA rule file was added |
The following table lists all the YARA Rules tab tasks:
|
Task |
Steps |
|---|---|
|
Add |
Browse and select a YARA rule file and the file types to analyze. For details, see Managing YARA Rule Files. |
|
Delete |
Select one or several YARA rule files to remove and then click Delete. |
|
Export |
Select one YARA rule file, and click Export to download a copy of the YARA rule file. |
|
Edit |
Click the File name of the YARA rule file to be edited. For details, see Managing YARA Rule Files. |
|
Records and Pagination Controls |
The panel at the bottom of the screen shows the total number of YARA rule files. If all samples cannot display at the same time, use the pagination controls to view the samples that are hidden from view. |