linux-malware-detect icon indicating copy to clipboard operation
linux-malware-detect copied to clipboard

Published 20 hours ago verified publisher icon rfxn

Help/Problem with the custom md5 custom sigs

Open GuzzaPower opened this issue 5 years ago • 0 comments

Hi!

I have tried to add some custom MD5 signatures in the file "/usr/local/maldetect/sigs/custom.md5.dat"

I have used both MD5 versions, but the file with the matched MDA/MD5 is not detected.

maldet -a /home/ipv/public_html/hack/ maldet -f /home/ipv/public_html/hack/Memcache.php

How I have got the MD5: sigtool --md5 Memcache.php 7fbda32237454cfab0cedd4f66deaaf3:1343:Memcache.php

md5sum Memcache.php 7fbda32237454cfab0cedd4f66deaaf3 Memcache.php

Content of the file: custom.md5.dat 7fbda32237454cfab0cedd4f66deaaf3:1343:{MD5}php.cmdshell.Memcache.1 7fbda32237454cfab0cedd4f66deaaf3:{MD5}php.cmdshell.Memcache.2

Thank You!

GuzzaPower avatar Jun 26 '19 13:06 GuzzaPower