On 2016-04-14 16:15, Kris Deugau wrote:
Does anyone have any examples of valid signatures for the .cdb sigfiles?
http://sanesecurity.com/foxhole-databases/
"whatever"), but based on what I've tried so far that's apparently not valid.
yes i have hard to get more info on cdb format files aswell, seems undokumted as is
The only thing I want to match on is the name of the files in the archive. .zmd and .rmd still work for that.
take one or more of the foxhole databases, and possible if succes share that signature here, it might be usefull for more then one
i prefer 0day signatures in this wondorfull world of malwares _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
