Answers

From within the root of the suspicious files directory, what command would you run to test Yara and your Yara rule against file 2? yara files2.yar file2/1ndex.php

Did the Yara rule flag file 2? (Yay/Nay) Yay

Test the Yara rule with Loki. Does it flag file 2? (Yay/Nay) Yay

What is the name of the variable for the string that it matched on? Zepto

Inspect the Yara rule, how many strings were generated? 20

One of the conditions to match on the Yara rule specifies file size. The file has to be less than what amount? 700KB
