This repository has been archived by the owner on Aug 6, 2024. It is now read-only.

Please post Redline compatible IOCs #4

Open
DARTHRATER opened this issue Dec 15, 2020 · 1 comment

Comments

@DARTHRATER

From Redline Support:
The IOCs that you downloaded from FireEye's GitHub site are OpenIOC version 1.1. Redline currently only supports the OpenIOC version 1.0 standard.

OpenIOC 3.2.0 supports OpenIOC version 1.1 format, so that is why you were able to open them in that program.

OpenIOC 1.1 standard is not backward-compatible with 1.0.

@briandanimal

briandanimal commented Dec 22, 2020

...wondering if there is an update on this. Importing "SUNBURST COMPROMISE INDICATORS.ioc" into Redline gets, "...is either not an IOC file, or it is malformed".

Just updated to Redline 2.0.0 (2.0.100.0), still no luck...
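
A pre-import check for the version mismatch discussed in this thread, added here as an example and not part of the issue or of the repository's own code. It classifies an `.ioc` file by the XML namespace of its root element; the two namespace URIs are taken from the published OpenIOC schemas rather than from this page, and the function names and sample documents are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Root-element namespaces of the two schema versions
# (assumption: values from the published OpenIOC schemas, not from this thread).
KNOWN_NAMESPACES = {
    "http://schemas.mandiant.com/2010/ioc": "1.0",
    "http://openioc.org/schemas/OpenIOC_1.1": "1.1",
}


def openioc_version(data: bytes) -> str:
    """Return '1.0', '1.1', 'unknown', 'rejected' or 'malformed'."""
    # IOC files have no need for a DTD; refuse one rather than let the
    # parser expand entities from a file pulled off the internet.
    if b"<!DOCTYPE" in data.upper():
        return "rejected"
    try:
        root = ET.fromstring(data)
    except ET.ParseError:
        return "malformed"
    # ElementTree renders a namespaced tag as "{namespace-uri}localname".
    tag = root.tag
    namespace = tag[1:].split("}", 1)[0] if tag.startswith("{") else ""
    return KNOWN_NAMESPACES.get(namespace, "unknown")


def redline_importable(data: bytes) -> bool:
    """Per the support reply above, Redline only accepts OpenIOC 1.0."""
    return openioc_version(data) == "1.0"


# Constructed sample documents (not real indicators).
SAMPLE_1_0 = (b'<ioc xmlns="http://schemas.mandiant.com/2010/ioc" '
              b'id="00000000-0000-0000-0000-000000000001"><definition/></ioc>')
SAMPLE_1_1 = (b'<OpenIOC xmlns="http://openioc.org/schemas/OpenIOC_1.1" '
              b'id="00000000-0000-0000-0000-000000000002"><criteria/></OpenIOC>')

if __name__ == "__main__":
    for name, blob in [("sample-1.0.ioc", SAMPLE_1_0),
                       ("sample-1.1.ioc", SAMPLE_1_1),
                       ("broken.ioc", b"not xml")]:
        print(f"{name}: OpenIOC {openioc_version(blob)}, "
              f"Redline import ok: {redline_importable(blob)}")
```

A file reported as 1.1 is well-formed XML in a schema Redline does not read, which is consistent with the "either not an IOC file, or it is malformed" message quoted above.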
