This repository has been archived by the owner on Aug 6, 2024. It is now read-only.

Content Invalid Characters #1

Open
binrar opened this issue Dec 14, 2020 · 3 comments

Comments

@binrar

binrar commented Dec 14, 2020

I am trying to add this detection in Cisco FireAMP. I am getting an error message "Content invalid characters in signature". Unsure if this is a syntax issue or a problem with FireAMP.

Thoughts on how to fix this?

@reesespcres
Contributor

Hi @biranpatel57 -- can you clarify what rules or rule files you are having issues with?

@binrar
Author

binrar commented Dec 14, 2020

I am having issues with the one rule in "all-clam.ldb"

@reesespcres
Contributor

Hi @biranpatel57 -- I have tested the "all-clam.ldb" file locally and can confirm on my end that there are no issues. I am using ClamAV 0.103.0, which is the latest version. I would assume that the issue is related to Cisco FireAMP. If YARA is an option, we have also provided a COSMICGALE YARA rule which essentially mirrors the ClamAV rule logic-wise. This can be found here: https://github.com/fireeye/sunburst_countermeasures/blob/main/rules/COSMICGALE/yara/APT_HackTool_PS1_COSMICGALE_1.yar
