blue-team-tools/rules/category
Arnim Rupp 243003c21a Merge PR #5068 from @ruppde - Update rules in the Antivirus category with additional strings and signature names
update: Antivirus Hacktool Detection - Add additional hacktools signature names.
update: Antivirus Password Dumper Detection - Add additional password dumpers such as "DumpPert", "Lazagne", "pypykatz", etc.
update: Antivirus Ransomware Detection - Add additional ransomware signature names.
fix: Antivirus Relevant File Paths Alerts - Remove the path "\Client" as it is too generic for a detection rule.
fix: Antivirus Web Shell Detection - Remove overlapping strings "ASP/Agent", "PHP/Agent", "JSP/Agent".

---------

Co-authored-by: nasbench <8741929+nasbench@users.noreply.github.com>
2024-11-04 11:45:07 +01:00