Not sure exactly when this was added to the .ldu database, but by the name it's a Possibly Unwanted Android Application, so unlikely to be found in that many different types of files. The signature looks like this:
VIRUS NAME: PUA.Andr.Trojan.Generic-6878612-0
TDB: Engine:51-255,FileSize:1048576-4194304,Target:0
LOGICAL EXPRESSION: 0
* SUBSIG ID 0
+-> OFFSET: ANY
+-> SIGMOD: NONE
+-> HEX: 010002110304211231054151611322718132061491a1b14223241552c16233347282d14307259253f0e1f163733516a2b283264493546445c2a3743617d255 e2
except that I added a space before the last two characters to prevent this e-mail from being detected as infected.
-Al-
On Mar 13, 2019, at 03:26, vamp898 via clamav-users <
clamav-users@lists.clamav.net> wrote:
Hi there,
since a few days we get a _lot_ detections for PUA.Andr.Trojan.Generic-6878612-0
Office Documents, ZIP Docuemnts, JPEG Images (containing nothing as JPEG) are all more and more detected at this type. Not all of them but way too much to see a real pattern what the actual issue is :(
Is that something known?