[clamav-users] Lots of Generic rule hits recently
Orion Poplawski
orion at nwra.com
Tue Feb 5 15:20:33 UTC 2019
We are starting to see a bunch of these being flagged. Anyone else
seeing issues with these?
*INFECTED*:
* Txt.Packed.Generic-6840866-0 :
https://cdn.onesignal.com/sdks/OneSignalSDK.js: 92 Time(s)
* Txt.Trojan.Generic-6840302-0 :
https://hangouts.google.com/_/scs/chat-static/_/js/k=chat.smh.en.Pu8_ikyrPm4.O/am=DA/rt=j/d=0/rs=AGNGyv2FSIx8mcoyNzukHwmnstRopshqqw/m=b:
155 Time(s)
https://hangouts.google.com/_/scs/chat-static/_/js/k=chat.smh.en.ZL7Y8mnXONE.O/am=DA/rt=j/d=0/rs=AGNGyv0AhpaCmrTZe_SDBFjUBXZmXaBYEA/m=b:
120 Time(s)
https://docs.google.com/static/drawings/client/js/2549037362-editor_ita.js:
1 Time(s)
https://docs.google.com/static/presentation/client/js/2865291726-editor_js_prod_ita.js:
1 Time(s)
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.Qyhlf-E27OQ.O/m=gapi_iframes,googleapis_client,iframes_styles_slide_menu,plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_77KcTN4WVhdQMqIfKBMTqlRW8yg/cb=gapi.loaded_0:
5 Time(s)
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.Qyhlf-E27OQ.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_77KcTN4WVhdQMqIfKBMTqlRW8yg/cb=gapi.loaded_0:
1 Time(s)
* Win.Trojan.Generic-6840770-0 :
http://2.au.download.windowsupdate.com/c/msdownload/update/software/defu/2019/02/am_delta_680ce842d92a7839abe55fd13955eb08f21c9aaa.exe:
4 Time(s)
--
Orion Poplawski
Manager of NWRA Technical Systems 720-772-5637
NWRA, Boulder/CoRA Office FAX: 303-415-9702
3380 Mitchell Lane orion at nwra.com
Boulder, CO 80301 https://www.nwra.com/
More information about the clamav-users
mailing list