diff --git a/demo/sectest/static_patch_scan/2022-12/OpenHarmony-SA-2022-1201 b/demo/sectest/static_patch_scan/2022-12/OpenHarmony-SA-2022-1201
deleted file mode 100644
index b1acbc13a7bba72c30f3d746c770c296971448d1..0000000000000000000000000000000000000000
--- a/demo/sectest/static_patch_scan/2022-12/OpenHarmony-SA-2022-1201
+++ /dev/null
@@ -1,35 +0,0 @@
-# Copyright (C) 2023 Huawei Device Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#    http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-import "console"
-import "elf"
-rule OpenHarmony_SA_2022_1201
-{
-meta:
-
-date = "2022-12"
-openharmony_sa = "OpenHarmony-SA-2022-1201"
-cve = "CVE-2022-45877"
-severity = "high"
-affected_files = "pin_auth_ui.so" //3.1.x以后的版本
-affected_func = "AuthOnDataReceived"
-
-strings:
-
-$fix = "authManager is null"  //更新后字符串
-
-$vul = "ShowPinDialog authManager is null" //更新前字符串
-
-condition:
- (elf.machine == elf.EM_ARM) and ((not $vul) and $fix) and console.log("OpenHarmony-SA-2022-1201 testcase pass")
-}
\ No newline at end of file
diff --git a/demo/sectest/static_patch_scan/2022-12/OpenHarmony-SA-2022-1201.yara b/demo/sectest/static_patch_scan/2022-12/OpenHarmony-SA-2022-1201.yara
new file mode 100644
index 0000000000000000000000000000000000000000..1fabecb867d8bd592571d5b79cfe21aaf0c4e92a
--- /dev/null
+++ b/demo/sectest/static_patch_scan/2022-12/OpenHarmony-SA-2022-1201.yara
@@ -0,0 +1,37 @@
+/* 
+ Copyright (C) 2023 Huawei Device Co., Ltd.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+*/
+import "console"
+import "elf"
+rule OpenHarmony_SA_2022_1201
+{
+meta:
+
+date = "2022-12"
+openharmony_sa = "OpenHarmony-SA-2022-1201"
+cve = "CVE-2022-45877"
+severity = "high"
+affected_files = "pin_auth_ui.so" //3.1.x以后的版本
+affected_func = "AuthOnDataReceived"
+
+strings:
+
+$fix = "authManager is null"  //更新后字符串
+
+$vul = "ShowPinDialog authManager is null" //更新前字符串
+
+condition:
+ (elf.machine == elf.EM_ARM) and ((not $vul) and $fix) and console.log("OpenHarmony-SA-2022-1201 testcase pass")
+}
\ No newline at end of file