Merge pull request #10 from CybercentreCanada/update_avclass_rules
Update AVclass configuration
cccs-bb authored Mar 4, 2021
2 parents 569c1da + c272f2b commit c0fe1c6
Showing 4 changed files with 25 additions and 124 deletions.
6 changes: 3 additions & 3 deletions README.md
Expand Up @@ -9,9 +9,9 @@ using [AVclass2](https://github.com/malicialab/avclass/tree/master/avclass2).
The service has no parameters, but relies on the following files, as described
in the AVclass2 documentation.

* [`avclass_/data/avclass.tagging`](avclass_/data/avclass.tagging) - Tag aliases
* [`avclass_/data/avclass.expansion`](avclass_/data/avclass.expansion) - Implied tags
* [`avclass_/data/avclass.taxonomy`](avclass_/data/avclass.taxonomy) - Tag categories
* [`data/avclass.tagging`](data/avclass.tagging) - Tag aliases
* [`data/avclass.expansion`](data/avclass.expansion) - Implied tags
* [`data/avclass.taxonomy`](data/avclass.taxonomy) - Tag categories

These configurations differ from defaults provided by AVclass2 in that they
were generated using a large quantity of VirusTotal submissions. Configuration
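Review bot: The three bullet links now point at `data/avclass.tagging`, `data/avclass.expansion` and `data/avclass.taxonomy`, but this hunk only changes documentation, so confirm that the service loads the files from `data/` and that nothing is left under `avclass_/data/` that could be picked up instead. Since the paragraph below says these files were generated from VirusTotal submissions rather than taken from the AVclass2 defaults, it would also help to note here how and when they were regenerated, so a later reader can tell which rule set is live.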
6 changes: 3 additions & 3 deletions data/avclass.expansion
@@ -1,11 +1,11 @@
backdoor server
bitcoinminer bitcoinmining
clicker click
clicker clicks
ddoser ddos
dialer dial
dialer dials
downloader execdownload
gamania gamethief
keylogger keylog
keylogger keylogging
miner mining
onlinegames gamethief
ransomware filecrypt
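Review bot: The implied tags on the `clicker`, `dialer` and `keylogger` lines (`clicks`, `dials`, `keylogging`) need matching entries in `data/avclass.taxonomy`, and any alias in `data/avclass.tagging` that still maps to `click`, `dial` or `keylog` should be updated in the same change; otherwise the expansion rule and the tagging rules will emit different names for the same behaviour. Please confirm both files were regenerated together with this one. A short test that checks every right-hand tag in `avclass.expansion` is present in the taxonomy would catch this kind of drift on future updates.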