[clamav-users] Malware/ransomware and Yara signatures with clamav
Nataraj
incoming-clamav at rjl.com
Tue May 16 19:08:26 UTC 2017
On 05/15/2017 01:04 PM, Mark Foley wrote:
> On Mon May 15 15:06:07 2017 "Eric Tykwinski" <eric-list at truenet.com> wrote:
>> Here's links to sample files, ie use at your own risk:
>> https://gist.github.com/rain-1/989428fa5504f378b993ee6efbc0b168
>>
>> Sincerely,
>>
>> Eric Tykwinski
>> TrueNet, Inc.
>> P: 610-429-8300
>>
It might be necessary to specify this option to clamav if other rules
are finding viruses first:
-z, --allmatch
After a match, continue scanning within the file for
additional matches.
Also, there are at least 175 signatures for wannacry in the various
sanesecurity databases which can be updated automatically using their
scripts.
Nataraj
More information about the clamav-users
mailing list