Blacklist mimikatz YARA rule

LibClamAV Error: parse_yara_hex_string: Single byte subpatterns unsupported in ClamAV LibClamAV Error: load_oneyara: error in parsing yara hex string LibClamAV Warning: load_oneyara: clamav cannot support 1 input strings, skipping YARA.mimikatz LibClamAV Warning: cli_loadyara: problem parsing yara file /var/lib/clamav/kiwi_passwords.yar, yara rule mimikatz
pyllyukko · Nov 22, 2023 · 531916b · 531916b · pyllyukko · Jan 11, 2024
1 parent 3fd1768
commit 531916b
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/tasks/clamav.yml b/tasks/clamav.yml
@@ -217,6 +217,7 @@
           malware_shellcode_hash
           Windows_Trojan_BloodAlchemy_de591c5a
           malware_PlugX_config
+          mimikatz
       tags:
         - configuration
         - yara