If a malware’s signature is not in our malware signature database then BitNinja can not detect the malware. But you can easily add a malware signature to the database. And You can protect all of your servers instantly from that malware which has just been added as a signature.
After you have found the Malware you can add the signature to the BitNinja malware database.
- Issue this command:
bitninjacli --module=MalwareDetection --create-signature --path=/path/to/file - Press p to proceed to create the signature and then press enter.
- Wait for the Signature to be created.
- Then press y and then enter to publish the malware signature and quarantine it on all of your servers.
You can check the Malware catches with this command:
bitninjacli --module=MalwareDetection --list-signature-catches --id=<signatureId>