[clamav-users] swift.doc Doc.Dropper.Agent-1776597
Joel Esler (jesler)
jesler at cisco.com
Wed Oct 19 10:05:44 EDT 2016
So to be clear, it is not detected or it is detected?
Joel Esler | Talos: Manager| jesler at cisco.com<mailto:jesler at cisco.com>
On Oct 19, 2016, at 9:50 AM, Heino Backhaus <heino.backhaus at fink-computer.de<mailto:heino.backhaus at fink-computer.de>> wrote:
we've received totay early in the morning mails with a word document
containing a malicius macro,
which was not detected by clamav. It is now detected as
I've set up clamd with the OLE2BlockMacros yes option which normaly
works fine, but not with this file.
Even though i've reported this as a bug, i just whanted to ask if
somebody knows more about this.
Mit freundlichen Gruessen
Heggrabenstr. 9, 35435 Wettenberg
Email: heino.backhaus at fink-computer.de<mailto:heino.backhaus at fink-computer.de>
HRB: 2143 Gießen
GF: Fredi Fink
"In retrospect it becomes clear that hindsight is definitely overrated!"
-Alfred E. Neumann
Help us build a comprehensive ClamAV guide:
More information about the clamav-users