[clamav-users] Not detecting valid malicious file if the zip file contains corrupted zip file

Vijayakumar U vj1610 at gmail.com
Thu Jan 31 06:39:34 EST 2019


Do I need to raise this issue or is it taken care of already?

On Thu, 10 Jan 2019 at 21:12, Benny Pedersen <me at junc.eu> wrote:

> Vijayakumar U skrev den 2019-01-10 15:42:
>
> > When a malicious file is inside zip file and if zip file contains some
> > other corrupted zip file, the malicious file is not filtered as virus.
>
> +1
>
> please start using foxhole 3dr party signatures to stop this malwares
> with double packed archives
>
> > Sample link - ZXW2.6-Blackfish2.0.zip -
> > https://drive.google.com/drive/folders/129LvUWJNnp_P-qzXIxA5nqlyS0lnraQB
>
> ZXW2.6.exe is undetected on gdrive, so it can be downloaded, on
> virustotal.com its detected on 18 out of 68 scanners :)
>
> i have sent this file to http://www.clamav.net/reports/malware as a
> false negative
>
> thanks for reporting and using clamav
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>


-- 
Cheers,
Vijay.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20190131/eaf5f7ea/attachment.html>


More information about the clamav-users mailing list