Does Suricata disassembly a virus over a network?

Help
1

Does Suricata perform the disassembly of a virus detected over a network? If yes, does it use this disassembly for the matching?