[clamav-users] Malware found on datadog folder in centos. Is it false-positive?

Arnaud Jacques webmaster at securiteinfo.com
Mon Jan 31 12:21:41 UTC 2022


FP confirmed (I guess):
https://www.virustotal.com/gui/file/217ae5161a0e08c0fb873858806e3478c9775caffce5168b50ec885e358c199d


On 31/01/2022 at 12:30, Al Varnell via clamav-users wrote:
> First I would upload the file to https://virustotal.com to see if any 
> other scanners identify the file as malware.
> 
> Sent from my iPad
> 
> -Al-
> 
>> On Jan 31, 2022, at 03:21, Nick Theofanidis via clamav-users 
>> <clamav-users at lists.clamav.net> wrote:
>>
>> 
>> Hello, I hope everyone is well.
>>
>> While scanning my database VPS, ClamAV found Win.Malware.Generic-9937882-0
>> on 
>> /opt/datadog-agent/embedded/lib/python3.8/ensurepip/_bundled/pip-21.1.1-py3-none-any.whl. 
>> The server is running CentOS 7, so a Windows-based malware is not likely 
>> dangerous, but it makes me wonder: is it malware or is it a false 
>> positive?
>>
>> I am new to all this, so I would like some guidelines as to what I should 
>> check and how I should proceed...
>>
>> Thanks in advance,
>> N. Theofanidis
>>
>>
>> _______________________________________________
>>
>> clamav-users mailing list
>> clamav-users at lists.clamav.net
>> https://lists.clamav.net/mailman/listinfo/clamav-users
>>
>>
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>>
>> http://www.clamav.net/contact.html#ml

-- 
Best regards,

Arnaud Jacques
Manager of SecuriteInfo.com

Telephone: +33-(0)3.60.47.09.81
E-mail: aj at securiteinfo.com
Website: https://www.securiteinfo.com
Facebook: https://www.facebook.com/pages/SecuriteInfocom/132872523492286
Twitter: @SecuriteInfoCom
Signatures for ClamAV antivirus: http://ow.ly/LqfdL
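
A way to follow the VirusTotal advice in this thread by hash lookup rather than upload: a `.whl` is a zip archive, so the script below hashes the flagged archive and every file inside it and marks members that start with the Windows `MZ` header. This is an added example, not part of the original thread; `triage_wheel`, `build_sample_wheel` and the size cap are hypothetical, and the sample archive is constructed.

```python
import hashlib
import io
import sys
import zipfile

MAX_MEMBER_BYTES = 64 * 1024 * 1024  # assumed cap; oversized members are skipped


def triage_wheel(wheel_bytes):
    """Return (archive_sha256, [(member_name, sha256, looks_like_pe), ...])."""
    members = []
    with zipfile.ZipFile(io.BytesIO(wheel_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir() or info.file_size > MAX_MEMBER_BYTES:
                continue
            data = zf.read(info)
            # Windows executables start with the two bytes "MZ", so these are
            # the members to look up first for a Win.* detection.
            members.append((info.filename,
                            hashlib.sha256(data).hexdigest(),
                            data[:2] == b"MZ"))
    return hashlib.sha256(wheel_bytes).hexdigest(), members


def build_sample_wheel():
    """Constructed stand-in for a wheel: one .py file and one MZ-prefixed stub."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("demo/__init__.py", "print('hello')\n")
        zf.writestr("demo/launcher.exe", b"MZ" + b"\x00" * 62)
    return buf.getvalue()


if __name__ == "__main__":
    # Pass the path of the flagged wheel; with no argument the sample is used.
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            raw = fh.read()
    else:
        raw = build_sample_wheel()
    archive_hash, members = triage_wheel(raw)
    print("archive  ", archive_hash)
    for name, digest, is_pe in members:
        print("PE member" if is_pe else "member   ", digest, name)
```

The printed SHA-256 values can be searched on VirusTotal directly, and the archive hash can be compared with the one published for the same wheel by its upstream source.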

