[clamav-users] Sigtool parsing issues
steveb_clamav at sanesecurity.com
Mon Aug 15 11:39:46 EDT 2016
On Mon, August 15, 2016 4:25 pm, Jack wrote:
> Great, thanks. Here is the output with ‘—debug’:
> LibClamAV debug: Initialized 0.99.2 engine
> LibClamAV debug: in cli_ole2_extract()
> LibClamAV debug: OLE2 magic failed!
> LibClamAV debug: Cleaning up phishcheck
> LibClamAV debug: Phishcheck cleaned up
> To note, the document opens fine in Microsoft Word, and oletools has no
> issues dumping out the macros.
badmacro.ndb is picking up these (Sanesecurity.Badmacro.Doc.df).... and
yep, sigtool doesn't seem to dump the macro.... but clamscan will extract
the macro files ok.
Web : sanesecurity.com
More information about the clamav-users