This is a basic sig I have written for IRMA scan results. It probably could do with some more work, but it does seem to work. I "trust" the scan results a lot more than VirusTotal in this case, as people may have fewer scanners, so we go to severity 3 from the first alert. I don't bother counting up each one, as there may only be a handful of AVs, so there is no point counting up results to adjust severity like the VirusTotal sig does.
On another note, if AV scanning is done on every file regardless of OS, shouldn't this and antivirus_virustotal.py be in the cross folder instead of the Windows folder?
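The two severity policies contrasted in the comment above, as an added example that is not the pull request's signature, nor code from the Cuckoo or IRMA projects. It does not use Cuckoo's Signature API; the result layout (scanner name mapped to a detection name or None), the VirusTotal-style ratio thresholds, and the sample data are all constructed for this example.

```python
"""Added example: "first hit is severity 3" versus count-based severity.

Neither function is the real community signature. The IRMA result layout,
the VirusTotal-style thresholds and the sample data are assumptions made
for this example only.
"""


def irma_severity(probe_results):
    """Return (severity, hits) using the policy from the comment.

    Any single detection is enough for severity 3, because an on-premise
    IRMA deployment may only have a handful of probes, so counting them
    would not say much. `probe_results` is an assumed layout:
    scanner name -> detection name, or None when the probe saw nothing.
    """
    hits = {name: sig for name, sig in probe_results.items() if sig}
    if not hits:
        return 0, hits
    return 3, hits


def virustotal_severity(positives, total):
    """Scale severity with the fraction of engines that flagged the file.

    The thresholds below are assumptions for this example, not the
    values used by antivirus_virustotal.py.
    """
    if total == 0 or positives == 0:
        return 0
    ratio = positives / total
    if ratio >= 0.5:
        return 3
    if ratio >= 0.2:
        return 2
    return 1


# Constructed sample: a small IRMA deployment with three probes, one of
# which flags the file. Detection name is made up for the example.
SAMPLE_IRMA = {
    "clamav": "Win.Trojan.Agent-123",
    "comodo": None,
    "eset": None,
}

# Constructed VirusTotal-style counts for the same single hit against a
# large engine pool: under a ratio policy it looks like noise.
SAMPLE_VT = {"positives": 1, "total": 60}


def compare(irma_results=SAMPLE_IRMA, vt=SAMPLE_VT):
    """Run both policies over the samples and report the severities."""
    sev_irma, hits = irma_severity(irma_results)
    sev_vt = virustotal_severity(vt["positives"], vt["total"])
    return {"irma": sev_irma, "irma_hits": sorted(hits), "virustotal": sev_vt}


if __name__ == "__main__":
    # The same one-engine detection: severity 3 under the IRMA policy,
    # only severity 1 under the ratio policy.
    print(compare())
```

The point the numbers make is the one the comment argues: with three probes, a 1/3 hit rate is a strong signal, while the same single engine among sixty barely registers under a ratio scheme, so scaling severity by count only makes sense when the engine pool is large and stable.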