Open celevra opened 1 year ago
updating to newest yara removed the syntax error, but it didn't recognized my bad .msg Test Meeting.zip
are you sure that .msg triggers the exploit?
I've created the msg with this poc: https://github.com/api0cradle/CVE-2023-23397-POC-Powershell
hi,
i'm new to yara rules, but here i get an syntax error:
also, is there a way to get it compatible with clamd?
regards