[clamav-users] Java.Malware fps

Henrik K hege at hege.li
Fri Apr 7 02:24:20 EDT 2017


Whos' flooding crappy samples around, and why is ClamAV making sigs of tiny class files like org/eclipse/aether/impl/RemoteRepositoryManager.class?

.m2/repository/org/codehaus/plexus/plexus-interpolation/1.19/plexus-interpolation-1.19.jar: Java.Malware.Agent-6205983-0 FOUND
.m2/repository/org/codehaus/plexus/plexus-interpolation/1.21/plexus-interpolation-1.21.jar: Java.Malware.Agent-6205983-0 FOUND
.m2/repository/org/eclipse/aether/aether-impl/0.9.0.M2/aether-impl-0.9.0.M2.jar: Java.Malware.Agent-6203284-0 FOUND
.m2/repository/org/eclipse/aether/aether-impl/0.9.0.M2/aether-impl-0.9.0.M2.jar: Java.Malware.Agent-6206104-0 FOUND
.m2/repository/org/eclipse/aether/aether-impl/0.9.0.M2/aether-impl-0.9.0.M2.jar: Java.Malware.Agent-6206114-0 FOUND
Talend-LogServer/logstash-1.5.0/vendor/bundle/jruby/1.9/gems/ruby-maven-libs-3.1.1/lib/aether-impl-0.9.0.M2.jar: Java.Malware.Agent-6203284-0 FOUND
Talend-LogServer/logstash-1.5.0/vendor/bundle/jruby/1.9/gems/ruby-maven-libs-3.1.1/lib/aether-impl-0.9.0.M2.jar: Java.Malware.Agent-6206104-0 FOUND
Talend-LogServer/logstash-1.5.0/vendor/bundle/jruby/1.9/gems/ruby-maven-libs-3.1.1/lib/aether-impl-0.9.0.M2.jar: Java.Malware.Agent-6206114-0 FOUND
Talend-LogServer/logstash-1.5.0/vendor/bundle/jruby/1.9/gems/ruby-maven-libs-3.1.1/lib/plexus-interpolation-1.19.jar: Java.Malware.Agent-6205983-0 FOUND
Talend-LogServer/logstash-1.5.0/vendor/jruby/lib/ruby/gems/shared/gems/ruby-maven-libs-3.1.1/lib/aether-impl-0.9.0.M2.jar: Java.Malware.Agent-6203284-0 FOUND
Talend-LogServer/logstash-1.5.0/vendor/jruby/lib/ruby/gems/shared/gems/ruby-maven-libs-3.1.1/lib/aether-impl-0.9.0.M2.jar: Java.Malware.Agent-6206104-0 FOUND
Talend-LogServer/logstash-1.5.0/vendor/jruby/lib/ruby/gems/shared/gems/ruby-maven-libs-3.1.1/lib/aether-impl-0.9.0.M2.jar: Java.Malware.Agent-6206114-0 FOUND
Talend-LogServer/logstash-1.5.0/vendor/jruby/lib/ruby/gems/shared/gems/ruby-maven-libs-3.1.1/lib/plexus-interpolation-1.19.jar: Java.Malware.Agent-6205983-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/configuration/.m2/repository/org/codehaus/plexus/plexus-interpolation/1.19/plexus-interpolation-1.19.jar: Java.Malware.Agent-6205983-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/configuration/org.eclipse.osgi/11/0/.cp/aether-impl-1.0.0.v20140518.jar: Java.Malware.Agent-6203284-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/configuration/org.eclipse.osgi/11/0/.cp/aether-impl-1.0.0.v20140518.jar: Java.Malware.Agent-6206104-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/configuration/org.eclipse.osgi/11/0/.cp/aether-impl-1.0.0.v20140518.jar: Java.Malware.Agent-6206114-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/configuration/org.eclipse.osgi/11/0/.cp/aether-spi-1.0.0.v20140518.jar: Java.Malware.Agent-6204790-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/configuration/org.eclipse.osgi/11/0/.cp/plexus-interpolation-1.21.jar: Java.Malware.Agent-6205983-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/plugins/org.eclipse.m2e.maven.runtime_1.5.0.20140605-2032/jars/aether-impl-0.9.0.M2.jar: Java.Malware.Agent-6203284-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/plugins/org.eclipse.m2e.maven.runtime_1.5.0.20140605-2032/jars/aether-impl-0.9.0.M2.jar: Java.Malware.Agent-6206104-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/plugins/org.eclipse.m2e.maven.runtime_1.5.0.20140605-2032/jars/aether-impl-0.9.0.M2.jar: Java.Malware.Agent-6206114-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/plugins/org.eclipse.m2e.maven.runtime_1.5.0.20140605-2032/jars/maven-aether-provider-3.2.1.jar: Java.Malware.Agent-6205980-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/plugins/org.eclipse.m2e.maven.runtime_1.5.0.20140605-2032/jars/maven-model-3.2.1.jar: Java.Malware.Agent-6202827-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/plugins/org.eclipse.m2e.maven.runtime_1.5.0.20140605-2032/jars/maven-model-3.2.1.jar: Java.Malware.Agent-6203114-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/plugins/org.eclipse.m2e.maven.runtime_1.5.0.20140605-2032/jars/maven-model-3.2.1.jar: Java.Malware.Agent-6219627-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/plugins/org.eclipse.m2e.maven.runtime_1.5.0.20140605-2032/jars/maven-model-builder-3.2.1.jar: Java.Malware.Agent-6202656-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/plugins/org.eclipse.m2e.maven.runtime_1.5.0.20140605-2032/jars/maven-model-builder-3.2.1.jar: Java.Malware.Agent-6202829-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/plugins/org.eclipse.m2e.maven.runtime_1.5.0.20140605-2032/jars/maven-model-builder-3.2.1.jar: Java.Malware.Agent-6202832-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/plugins/org.eclipse.m2e.maven.runtime_1.5.0.20140605-2032/jars/maven-model-builder-3.2.1.jar: Java.Malware.Agent-6203116-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/plugins/org.eclipse.m2e.maven.runtime_1.5.0.20140605-2032/jars/maven-model-builder-3.2.1.jar: Java.Malware.Agent-6203119-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/plugins/org.eclipse.m2e.maven.runtime_1.5.0.20140605-2032/jars/maven-model-builder-3.2.1.jar: Java.Malware.Agent-6205981-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/plugins/org.eclipse.m2e.maven.runtime_1.5.0.20140605-2032/jars/maven-model-builder-3.2.1.jar: Java.Malware.Agent-6205984-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/plugins/org.eclipse.m2e.maven.runtime_1.5.0.20140605-2032/jars/maven-model-builder-3.2.1.jar: Java.Malware.Agent-6206112-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/plugins/org.eclipse.m2e.maven.runtime_1.5.0.20140605-2032/jars/maven-model-builder-3.2.1.jar: Java.Malware.Agent-6206254-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/plugins/org.eclipse.m2e.maven.runtime_1.5.0.20140605-2032/jars/maven-model-builder-3.2.1.jar: Java.Malware.Agent-6206255-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/plugins/org.eclipse.m2e.maven.runtime_1.5.0.20140605-2032/jars/plexus-interpolation-1.19.jar: Java.Malware.Agent-6205983-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/plugins/org.talend.components.api.service_0.13.1.jar: Java.Malware.Agent-6203284-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/plugins/org.talend.components.api.service_0.13.1.jar: Java.Malware.Agent-6204790-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/plugins/org.talend.components.api.service_0.13.1.jar: Java.Malware.Agent-6206104-0 FOUND
Talend-Tools-Studio-20160704_1411-V6.2.1/plugins/org.talend.components.api.service_0.13.1.jar: Java.Malware.Agent-6206114-0 FOUND
apache-maven-3.2.5/lib/aether-impl-1.0.0.v20140518.jar: Java.Malware.Agent-6203284-0 FOUND
apache-maven-3.2.5/lib/aether-impl-1.0.0.v20140518.jar: Java.Malware.Agent-6206104-0 FOUND
apache-maven-3.2.5/lib/aether-impl-1.0.0.v20140518.jar: Java.Malware.Agent-6206114-0 FOUND
apache-maven-3.2.5/lib/aether-spi-1.0.0.v20140518.jar: Java.Malware.Agent-6204790-0 FOUND
apache-maven-3.2.5/lib/maven-aether-provider-3.2.5.jar: Java.Malware.Agent-6205980-0 FOUND
apache-maven-3.2.5/lib/maven-model-3.2.5.jar: Java.Malware.Agent-6202827-0 FOUND
apache-maven-3.2.5/lib/maven-model-3.2.5.jar: Java.Malware.Agent-6203114-0 FOUND
apache-maven-3.2.5/lib/maven-model-3.2.5.jar: Java.Malware.Agent-6219627-0 FOUND
apache-maven-3.2.5/lib/maven-model-builder-3.2.5.jar: Java.Malware.Agent-6202656-0 FOUND
apache-maven-3.2.5/lib/maven-model-builder-3.2.5.jar: Java.Malware.Agent-6202829-0 FOUND
apache-maven-3.2.5/lib/maven-model-builder-3.2.5.jar: Java.Malware.Agent-6202832-0 FOUND
apache-maven-3.2.5/lib/maven-model-builder-3.2.5.jar: Java.Malware.Agent-6203116-0 FOUND
apache-maven-3.2.5/lib/maven-model-builder-3.2.5.jar: Java.Malware.Agent-6203119-0 FOUND
apache-maven-3.2.5/lib/maven-model-builder-3.2.5.jar: Java.Malware.Agent-6205981-0 FOUND
apache-maven-3.2.5/lib/maven-model-builder-3.2.5.jar: Java.Malware.Agent-6205984-0 FOUND
apache-maven-3.2.5/lib/maven-model-builder-3.2.5.jar: Java.Malware.Agent-6206112-0 FOUND
apache-maven-3.2.5/lib/maven-model-builder-3.2.5.jar: Java.Malware.Agent-6206254-0 FOUND
apache-maven-3.2.5/lib/maven-model-builder-3.2.5.jar: Java.Malware.Agent-6206255-0 FOUND
apache-maven-3.2.5/lib/plexus-interpolation-1.21.jar: Java.Malware.Agent-6205983-0 FOUND



More information about the clamav-users mailing list