[clamav-users] ClamAV malware report: include info from Malwr?
Joel Esler (jesler)
jesler at cisco.com
Wed Nov 16 15:06:15 UTC 2016
To answer the automation question, 100% of what people submit is handled automatically. It is ran through our sandboxes if needs be, (the sandboxes used by our commercial customers) along with a ton of other factors, but yes, it's 100% automated. Humans have to deal with what cannot be automated at the end of the process.
--
Sent from my iPhone
> On Nov 16, 2016, at 6:58 AM, Matteo Dessalvi <m.dessalvi at gsi.de> wrote:
>
> Sure, I can use other sites too. My question was:
> would the folks at ClamAV benefit from these
> analysis?
>
> I don't know how much automated the submission
> process is: I guess it will anyhow run an analysis
> on the submitted file, so maybe including these
> links is not particularly useful to decide if the
> submitted sample has to be included in the
> signatures or not (assuming there's an actual
> human being which will make the final decision
> at the end).
>
> Regards,
> Matteo
>
>> On 11/16/2016 03:35 PM, Steve Basford wrote:
>>> On Wed, November 16, 2016 1:56 pm, Matteo Dessalvi wrote:
>>>
>>> It ended up to be just the first step in order to download the
>>> real malware:
>>>
>>> https://malwr.com/analysis/MzVkNzAzYjBiOTJhNDlmODhkZjRiY2EwY2EwOWZhZWE/
>> I Guess you could post links to other sites too...
>>
>> eg:
>>
>> https://www.hybrid-analysis.com/sample/42afe1bfcf2ec48aa2fb293b637d8df2033504ec98fe5944167187f19899ddb4?environmentId=100
>>
>> https://virustotal.com/en/file/2586f39b57bd74439b539abe51b686389526047c806f059413602767f98d864d/analysis/
>>
>>
>
>
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
More information about the clamav-users
mailing list