YARA matches

Each time a YARA ruleset matches a files, the Last matched date/time will be updated.

The Matches are sorted by:

•SHA1—SHA1 hash of the match

•Rule name—Name of the ruleset that generated the match

•Status—Status of the match.

•Type—Type of the match

•Match hashes—Hashes corresponding to the match

•Last matched—Date and time of the latest match.

But you can also Add filter to filter the displayed reports with a custom filter parameters:

Using the YARA matches screen:

Click on the options icon next to the report to display the following:

•To view the content of a matched file, click the file.

•To view a more detailed report, click Generate report to generate a Targeted Report or Certificate Report of the matched and analyzed file.