Written by #xxaxxelxx

ClamAV | homebrewing signature files

Quick and Dirty:
from mpack tools:

munpack  YOURMAILFILE
sigtool --md5 ../XFILES/DocumentXNoX1076196.xls >> MYSIG.hdb

Better:

https://objective-see.com/blog/blog_0x17.html

https://www.decalage.info/vba_tools

https://www.decalage.info/python/olevba

http://www.pwnage.io/2013/06/fun-with-clamav.html?m=1

http://blog.clamav.net/2011/02/how-to-create-custom-signatures-for.html?m=1

Click to access blah.pdf

http://blog.adamsweet.org/?p=250

https://packages.gentoo.org/packages/net-mail/mpack

https://www.idrsolutions.com/online-pdf-to-html5-converter/

http://blog.talosintelligence.com/2008/09/logical-signatures-in-clamav-094.html

http://hexacorn.com/d/PESectionExtractor.pl

Click to access signatures.pdf

http://hiddenillusion.blogspot.de/2012/06/xdp-files-and-clamav.html

Leave a Reply

Please log in using one of these methods to post your comment:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.