· Step 2: Extracting and tidying up the files Since we know we will be doing YARA scans across these files, we know that we will have to extract the raw malware samples from the archive files. To start, we find all the 7z files and pipe them to a loop to extract the malware with the password "infected" and place it into the same directory.