If a malware’s signature is not in our malware signature database then BitNinja can not detect the malware. But you can easily add a malware signature to the database. And You can protect all of your servers instantly from that malware which has just been added as a signature.
After you have found the Malware you can add the signature to the BitNinja malware database.
- Issue this command:
bitninjacli --module=MalwareDetection --create-signature --path=/path/to/file
- Press p to proceed to create the signature and then press enter.
- Wait for the Signature to be created.
- Then press y and then enter to publish the malware signature and quarantine it on all of your servers.
bitninjacli --module=MalwareDetection --list-signature-catches --id=<signatureId>
Upload malware from the Dashboard
You can also upload files from the Dashboard to generate a malware signature. You just need to click on the + Add new Malware button at the top right at the Anti-Malware / Local malware signatures menu. The signature will be in a validating state and the signature ID and the number of matching files on your servers will be displayed within 5 minutes in the Table of malware signatures.