[clamav-users] Java.Malware fps

Al Varnell alvarnell at mac.com
Fri Apr 7 03:31:14 EDT 2017

On Fri, Apr 07, 2017 at 12:21 AM, Steve Basford wrote:
> On Fri, April 7, 2017 7:24 am, Henrik K wrote:
>> Whos' flooding crappy samples around, and why is ClamAV making sigs of
>> tiny class files like
>> org/eclipse/aether/impl/RemoteRepositoryManager.class?
> The odd few I've checked are hashes in daily.hsb:
> cd9bcebd235258962913a210ff938a5a:2623:Java.Malware.Agent-6205983-0:73
> b6aa66e635ff2c1225d734c3f2577994:1452:Java.Malware.Agent-6205984-0:73
> So, possibly part of the auto-generated ones.

But strangely, neither of those MD5's show any hits when they were uploaded to VirusTotal several months/years ago.

Al Varnell
Mountain View, CA

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3569 bytes
Desc: not available
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20170407/17615008/attachment.bin>

More information about the clamav-users mailing list