How to add malware signatures to the BitNinja Malware database

You are here:
Estimated reading time: 1 min

If a malware’s signature is not in our malware signature database then BitNinja can not detect the malware. But you can easily add a malware signature to the database. And You can protect all of your servers instantly from that malware which has just been added as a signature.

After you have found the Malware you can add the signature to the BitNinja malware database.

  1. Issue this command:
    bitninjacli --module=MalwareDetection --create-signature --path=/path/to/file
  2. Press p to proceed to create the signature and then press enter.
  3. Wait for the Signature to be created.
  1. Then press y and then enter to publish the malware signature and quarantine it on all of your servers.
You can check the Malware catches with this command:
bitninjacli --module=MalwareDetection --list-signature-catches --id=<signatureId>

Upload malware from the Dashboard

You can also upload files from the Dashboard to generate a malware signature. You just need to click on the + Add new Malware button at the top right at the Anti-Malware / Local malware signatures menu. The signature will be in a validating state and the signature ID and the number of matching files on your servers will be displayed within 5 minutes in the Table of malware signatures.

Views: 261