[clamav-users] Grizzly Steppe
TR Shaw
tshaw at oitc.com
Wed Jan 4 15:33:16 UTC 2017
I added detection in winnow_extended_malware.hdb which is distributed is the sanesecurity feed the day after the JAR was released. I also searched for the RAT and added signatures for that as well in winnow_malware_links.ndb
Signatures are identified as winnow.Trojan.GRIZZLY_STEPPE.<identifier>
Tom
> On Jan 4, 2017, at 10:26 AM, Andrew McGrath <andrew at checkout51.com> wrote:
>
> I'm being asked a question by our security team that I am struggling
> to answer. The question is "Does ClamAV detect Grizzly Steppe?".
>
> I've hunted around the archives, support pages and google, but do not
> see any discussion about this, could anyone comment?
>
> Thank you!
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
More information about the clamav-users
mailing list