Get help with cuckoo module

[TrungAnhNguyen2k2]

Describe the bug
I got trouble with the yara-cuckoo module rule.
To Reproduce
Steps to reproduce the behavior:
I use module cuckoo to write this rule to test

And here are the behaviors in the report.json file from cuckoo that I use to write rule.

But when I ran the command, nothing happen. ( The "2280898cb29faf1785e782596d8029cb471537ec38352e5c17cc263f1f52b8ef" is the malware file that I want to scan)

Please tell me, where did I do wrong and how to fix it. Hope you guy answer soon. Thank you very much

• YARA version: [4.4.0]

[plusvic]

What version of cuckoo are you using? The cuckoo module works with very old versions and haven't been updated in a long time. If you are using a recent version of cuckoo the JSON format has probably changed.

[TrungAnhNguyen2k2]

What version of cuckoo are you using? The cuckoo module works with very old versions and haven't been updated in a long time. If you are using a recent version of cuckoo the JSON format has probably changed.

Hi I'm using the (https://sandbox.pikker.ee/) so it's the 2.0.7