Skip to content

Commit

Permalink
Added one YARA rule
Browse files Browse the repository at this point in the history
  • Loading branch information
@pyllyukko
pyllyukko committed Nov 1, 2023
1 parent 727adc8 commit 5acbd53
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions tasks/clamav.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1370,6 +1370,7 @@
- https://raw.githubusercontent.com/Yara-Rules/rules/master/webshells/WShell_PHP_in_images.yar
- https://raw.githubusercontent.com/Yara-Rules/rules/master/webshells/Wshell_ChineseSpam.yar
- https://raw.githubusercontent.com/Yara-Rules/rules/master/webshells/Wshell_fire2013.yar
- https://raw.githubusercontent.com/JPCERTCC/MalConfScan/master/yara/rule.yara
- name: Copy miscellaneous YARA rules
ansible.builtin.copy:
src: "{{ item }}"
Expand Down

1 comment on commit 5acbd53

@pyllyukko
Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LibClamAV Error: cli_ac_addsig: Can't find a static subpattern of length 2
LibClamAV Error: cli_add_content_match_pattern: Problem adding signature (3).
LibClamAV Warning: load_oneyara[verify]: recovered from database loading error
LibClamAV Warning: load_oneyara[verify]: string failed test insertion: $xor_secret
LibClamAV Warning: load_oneyara: clamav cannot support 1 input strings, skipping YARA.Ramnit
LibClamAV Warning: cli_loadyara: problem parsing yara file /var/lib/clamav/rule.yara, yara rule Ramnit

Please sign in to comment.