You can pipe that to sigtool --decode-sigs to see what it is.
What I usually use is:
$ sigtool --find-sigs BAD_RULE | awk '{ print $NF }' | sigtool --decode-sigs
On Thu, Sep 10, 2020 at 9:55 PM Olivier via clamav-users <
clamav-users@lists.clamav.net> wrote:
> Hi,
>
> I have a virus signature
Hi,
I have a virus signature that triggers on some of my daily system
security emails. This is not an official ClamAV signature, so my purpose
is not to complain here.
The signature file is a .ndb format and the specific signature is:
BAD_RULE:0:*:3139332e3232382e39312e313233
How can I decode
