[clamav-users] Reporting malware/false negatives
Alex
mysqlstudent at gmail.com
Wed Mar 22 13:43:09 UTC 2017
Hi,
>> How long does it typically take for a sample to be analyzed and a
>> pattern to be created?
>
> Generally speaking, a couple hours (sometimes 4, sometimes 8, depending on automation schedules) Because it was encrypted, it may be a bit more difficult, so I'll have to look into it. What is the sha256 hash of the file?
# sha256sum r564t97y168d2.docx
a68e789e8306e697874d155191376124e13e44f144b11a678a37e44036a3668d
r564t97y168d2.docx
I also included the password to decrypt it, "Vo1UPMQBgITg" as was
included with the email when it was received.
>> I don't even bother reporting them to sophos, et al because it's
>> sometimes days before they're added. I was expecting better from
>> clamav...
>
> Interesting, considering Sophos is not a free product.
Yes, sometimes (most times?) it's days.
alex
More information about the clamav-users
mailing list