[clamav-users] Signature not detected

ungifted01 at gmail.com ungifted01 at gmail.com
Thu Jul 13 08:36:42 UTC 2017 


13.07.2017 05:32, Alex пишет:
> On Wed, Jul 12, 2017 at 3:02 PM, Alain Zidouemba
> <azidouemba at sourcefire.com> wrote:
>> Signature will be going out shortly.
> 
> It's now detected thanks to the amazing work by Steve from
> sanesecurity. Also appreciate your help - perhaps his sig just hits
> first.
> 
> I've also just submitted another unrelated to investigate.
> 
> $ sha1sum GOOGLESER.doc
> d42e71932c866f9822c800fe46cd46bdf1b5e739  GOOGLESER.doc

f4434f22ffc51edf9641140d1b747feeab6b5a6a  SCAN50784502102.DOC

> 
>>
>> On Wed, Jul 12, 2017 at 2:52 PM, Alex <mysqlstudent at gmail.com> wrote:
>>
>>> Hi, we've received a word virus that isn't currently being detected by
>>> any scanners. I've submitted the FN, but would like to see if we can
>>> get that pushed out as soon as possible.
>>>
>>> $ sha1sum Invoice_SKMBT_20170501.doc
>>> 6cc1dd12fbc79311ebaf59e19e562ff63141f457  Invoice_SKMBT_20170501.doc
>>>
>>> It's not currently being found by any scanners:
>>> https://www.virustotal.com/en/file/5b10fb6d20649c246d970e521e4436
>>> d70608bbb8c6d6128245d349c69a76ef10/analysis/
>>>
>>> Also, there's some notes in the "comments" section of this post. What
>>> does it mean? How can I use that to my benefit in the future?
>>>
>>> Is there any way a postfix/amavisd/spamassassin/clamav user can
>>> benefit from this information by blocking based on that signature
>>> provided?
>>> _______________________________________________
>>> clamav-users mailing list
>>> clamav-users at lists.clamav.net
>>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>>>
>>>
>>> Help us build a comprehensive ClamAV guide:
>>> https://github.com/vrtadmin/clamav-faq
>>>
>>> http://www.clamav.net/contact.html#ml
>>>
>> _______________________________________________
>> clamav-users mailing list
>> clamav-users at lists.clamav.net
>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>>
>>
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>>
>> http://www.clamav.net/contact.html#ml
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml
>

More information about the clamav-users mailing list