Closed Evacch closed 3 months ago
Well, the first thing is to manually check that malicious.bin actually matches the rule. Can you paste the content of the rule here? I've searched for RAT_Meterpreter_Reverse_Tcp.yar on GitHub and found multiple repositories that contain that file, but in all of them it is an empty file.
I am using this rule from https://github.com/Yara-Rules/rules/blob/master/malware/RAT_Meterpreter_Reverse_Tcp.yar and it is not empty
The rule is very straightforward. Have you confirmed that malicious.bin contains those strings?
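One way to do that manual check, as an added example (this is not code from the issue or from the Yara-Rules project, and the rule text below is a constructed stand-in, not the content of RAT_Meterpreter_Reverse_Tcp.yar): a small Python script that pulls the text and hex strings out of a simple rule, reports which of them occur in a file, and says whether an "any/all/N of them" condition would be satisfied. The file bytes, rule name and string names are all constructed for illustration.

```python
import re
import sys
from pathlib import Path

# Constructed example rule in the style of a simple string-matching YARA rule.
# It is NOT the content of RAT_Meterpreter_Reverse_Tcp.yar.
SAMPLE_RULE = r'''
rule demo_string_rule
{
    strings:
        $s1 = "ws2_32.dll" ascii
        $s2 = "WSASocketA" ascii wide
        $h1 = { 68 33 32 ?? 00 }
    condition:
        2 of them
}
'''

# Constructed bytes standing in for malicious.bin: contain $s1 and $h1
# (0x41 sits in the wildcard position) but not $s2.
SAMPLE_DATA = (b'MZ\x90\x00' + b'\x00' * 16 + b'ws2_32.dll\x00'
               + b'\x68\x33\x32\x41\x00' + b'GetProcAddress\x00')


def _hex_to_regex(body):
    """Turn a YARA hex string body like '68 ?? 00' into a compiled bytes regex."""
    parts = []
    for tok in body.split():
        if tok == '??':
            parts.append(b'.')
        elif re.fullmatch(r'[0-9A-Fa-f]{2}', tok):
            parts.append(re.escape(bytes([int(tok, 16)])))
        else:
            raise ValueError(f'unsupported hex token {tok!r} (jumps/alternatives not handled)')
    return re.compile(b''.join(parts), re.S)


def parse_strings(rule_text):
    """Return {name: [compiled bytes regex, ...]} for the rule's strings: section.

    Text strings honour the ascii/wide/nocase modifiers; hex strings support ?? wildcards.
    An empty rule file (as in the empty copies mentioned above) yields {}.
    """
    section = re.search(r'strings:(.*?)condition:', rule_text, re.S)
    if not section:
        return {}
    patterns = {}
    for line in section.group(1).splitlines():
        m = re.match(r'\s*(\$\w*)\s*=\s*(.*)$', line)
        if not m:
            continue
        name, body = m.group(1), m.group(2).strip()
        if body.startswith('"'):
            q = re.match(r'"((?:[^"\\]|\\.)*)"(.*)', body)
            text = q.group(1).encode('latin-1').decode('unicode_escape')
            mods = q.group(2).split()
            variants = []
            if 'wide' not in mods or 'ascii' in mods:
                variants.append(text.encode('latin-1'))
            if 'wide' in mods:
                variants.append(text.encode('utf-16-le'))
            flags = re.I if 'nocase' in mods else 0
            patterns[name] = [re.compile(re.escape(v), flags) for v in variants]
        elif body.startswith('{'):
            patterns[name] = [_hex_to_regex(body[1:body.index('}')])]
    return patterns


def check_strings(data, rule_text):
    """Map each $name to whether any of its byte variants occurs in data."""
    return {name: any(p.search(data) for p in pats)
            for name, pats in parse_strings(rule_text).items()}


def evaluate(data, rule_text):
    """Return (per-string results, verdict).

    verdict is None when the condition uses syntax beyond 'any/all/N of them'
    or the rule defines no strings.
    """
    results = check_strings(data, rule_text)
    cond = re.search(r'condition:\s*(.*?)\s*}', rule_text, re.S)
    if not cond or not results:
        return results, None
    m = re.fullmatch(r'(any|all|\d+)\s+of\s+them', cond.group(1).strip())
    if not m:
        return results, None
    q = m.group(1)
    need = 1 if q == 'any' else len(results) if q == 'all' else int(q)
    return results, sum(results.values()) >= need


if __name__ == '__main__':
    if len(sys.argv) == 3:  # usage: python check_rule.py rule.yar sample.bin
        rule, data = Path(sys.argv[1]).read_text(), Path(sys.argv[2]).read_bytes()
    else:
        rule, data = SAMPLE_RULE, SAMPLE_DATA
    if not rule.strip():
        sys.exit('rule file is empty: nothing can match')
    results, verdict = evaluate(data, rule)
    for name, hit in results.items():
        print(f'{name}: {"present" if hit else "absent"}')
    print('verdict:', verdict)
```

This only covers plain text and hex strings with `??` wildcards and the "N of them" family of conditions; for anything richer, the real tool does the same job with `yara -s rule.yar sample.bin`, which prints the strings that matched and, by omission, shows which ones did not.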
I created a malicious file using Metasploit; however, YARA did not detect anything. I downloaded the YARA rules from the official GitHub repo and after that ran
yara rules/index.yar malicious.bin
and also, to be specific, yara rules/malware/RAT_Meterpreter_Reverse_Tcp.yar malicious.bin
, and nothing was shown. Is there anything I missed here?