On Thu, 10 Jan 2019 at 21:12, Benny Pedersen <me@junc.eu> wrote:

Vijayakumar U skrev den 2019-01-10 15:42:

> When a malicious file is inside zip file and if zip file contains some
> other corrupted zip file, the malicious file is not filtered as virus.

+1

please start using foxhole 3dr party signatures to stop this malwares
with double packed archives

> Sample link - ZXW2.6-Blackfish2.0.zip -
> https://drive.google.com/drive/folders/129LvUWJNnp_P-qzXIxA5nqlyS0lnraQB

ZXW2.6.exe is undetected on gdrive, so it can be downloaded, on
virustotal.com its detected on 18 out of 68 scanners :)

i have sent this file to http://www.clamav.net/reports/malware as a
false negative

thanks for reporting and using clamav
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml