diff --git a/data/yara/CAPE/Salat.yar b/data/yara/CAPE/Salat.yar
new file mode 100644
index 00000000000..f053cca9750
--- /dev/null
+++ b/data/yara/CAPE/Salat.yar
@@ -0,0 +1,14 @@
+rule Salat
+{
+ meta:
+ author = "kevoreilly"
+ description = "Salat Payload"
+ cape_type = "Salat Payload"
+ strings:
+ $a1 = "salat"
+ $a2 = "screenshot"
+ $a3 = "task.go"
+ $a4 = "tsc.go"
+ condition:
+ uint16(0) == 0x5A4D and all of them
+}
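Review bot: The four literals under `strings:` are short, generic ASCII substrings, and the condition adds only an MZ check at offset 0, so the rule may fire on unrelated PE files that contain the word "salat", a "screenshot" routine and what look like Go source names `task.go` and `tsc.go`. Both file-name strings also match inside longer names such as `multitask.go`. Consider anchoring them to the path component the samples actually embed, or requiring a word boundary where the samples allow it, e.g. `$a3 = "task.go" fullword`, and run the rule against a clean corpus of Go binaries before relying on it for family attribution. The `meta:` block also gives an analyst nothing to validate the rule against; a line such as `hash = "<sha256 of reference sample>"` would make it regression-testable.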