Malicious File Detection Using Yara

2016-07-11T00:00:00
ID WMI_MALWARE_YARA_FILESYSTEM.NBIN
Type nessus
Reporter This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2021-10-04T00:00:00

Description

Nessus detected one or more files on the remote Windows host that match a Yara rule.

Note that Nessus has only scanned files with the following extensions:

.application, .asp, .aspx, .bat, .chm, .class, .cmd, .com, .cp, .csh, .csv, .dl, .doc, .docx, .drv, .exe, .gadget, .hta, .inf, .ins, .inx, .isu, .jar, .job, .jpeg, .jpg, .js, .jse, .jse, .jsp, .lnk, .msc, .msi, .msp, .mst, .paf, .pdf, .php, .pif, .ppt, .pptx, .ps1, .ps1xm, .ps2, .ps2xm, .psc1, .psc2, .reg, .rgs, .scf, .scr, .sct, .shb, .shs, .swf, .sys, .txt, .u3p, .vb, .vbe, .vbs, .vbscript, .ws, .wsf, .xls
