Again, same as I wrote on the Snort list, we rewrote all of this detection and it is in the official ClamAV database, so If you are using fresh clam to update from clamav, you already have it.



On Dec 17, 2020, at 3:44 PM, bobby via clamav-users <clamav-users@lists.clamav.net> wrote:

I was going through the released Fireeye tool countermeasures, and came upon this: https://github.com/fireeye/red_team_tool_countermeasures/blob/master/all-clam.ldb.  Is this meant to be installed with clamav somehow? 

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml