From "signatures.pdf" para 3.1.3: > The easiest way to generate MD5 based section signatures is to extract target > PE sections into separate files and then run sigtool with the option --mdb
-Al- On Fri, May 05, 2017 at 12:47 AM, Abdullah AL-Mutairy wrote: > > Hello everyone! > > I'm having a trouble with custom databases. > I have 600 malware samples stored in "/Downloads/exe" and used sigtool to > create a signature database that only contain signatures of those 600 malware > samples, so i navigated the command line to point to /Downloads/exe and then > did this: > > $ sigtool --mdb * > home/test/Documents/CustomDB.mdb > > But when i do clamscan and let clam use this database it does not detect any > malware sample! I did the following: > > /Downloads/exe$ clamscan -r -d /home/teat/Documents/CustomDB.mdb > > Clamav did not identify any thing! I don't know why!
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
