[clamav-users] Signature analysis

Andriani Tsag andriani.tsag at servicenow.com
Mon Apr 24 05:25:11 EDT 2017


Hello,
Is there a way to see what a signature is specifically looking for (like when clamav-du[.]securesites[.]net/cgi-bin/clamgrok was operational?)
Since it went down I haven’t been able to find something similar.

I have received an alert about BC.Win.Exploit.CVE_2017_0060-6099223-1, but without knowing that the signature is looking for, it is hard to further analyse the file.
Thank you in advance for any input/advice.

Kind Regards,
Andriani


More information about the clamav-users mailing list