[Community-sigs] signatures

Christopher Marczewski cmarczewski at sourcefire.com
Wed Feb 1 16:58:30 EST 2017 

Correction:

Js.Downloader.Spam:7:*:2e73706c697428726f78282929*2e6f70656e2822676574222c746f6728
Html.Downloader.Spam:3:*:2e6f70656e2822676574222c22687474703a2f2f222b785b695d2b672b
Js.Downloader.Spam:7:*:2e6a6f696e28*3d22687474703a2f*6c322e786d6c6874747022*2e6f70656e2822676574222c*2e73656e6428293b6966*6e7365746578742e73706c697428

On Wed, Feb 1, 2017 at 4:57 PM, Christopher Marczewski <
cmarczewski at sourcefire.com> wrote:

> Hello Michael,
>
> Apologies for the delay. All three signatures have been submitted for FP
> testing, prior to publication.
>
> I did modify the names & target types, mostly for scope reduction:
>
> Js.Downloader.Span:7:*:2e73706c697428726f78282929*
> 2e6f70656e2822676574222c746f6728
> Html.Downloader.Spam:3:*:2e6f70656e2822676574222c226874
> 74703a2f2f222b785b695d2b672b
> Js.Downloader.Spam:7:*:2e6a6f696e28*3d22687474703a2f*
> 6c322e786d6c6874747022*2e6f70656e2822676574222c*2e73656e6428293b6966*
> 6e7365746578742e73706c697428
>
> On Thu, Jan 26, 2017 at 3:42 PM, Michael Cichosz <michael.cichosz at gmx.de>
> wrote:
>
>> Hello Christopher,
>> i have both files uploaded to the link you provide me ;)
>> before i put all files in one zip, watch out for this
>> one:f9f29f930269781a8fbe7d50e13de2c9  r.zip
>>
>> Thanks
>>
>> Regards,
>>
>> Michael Cichosz (mcichosz _at_ clamav.net)       ClamAV, a GPL
>> anti-virus toolkit
>> Phone: +49 5371/170 222 4  PGP key id 04B57A3D
>>
>>
>> > Gesendet: Donnerstag, 26. Januar 2017 um 16:32 Uhr
>> > Von: "Christopher Marczewski" <cmarczewski at sourcefire.com>
>> > An: "ClamAV Community Signatures Submission List" <
>> community-sigs at lists.clamav.net>
>> > Betreff: Re: [Community-sigs] signatures
>> >
>> > Hello Michael,
>> >
>> > Thank you for the signature submissions. Any chance you can upload
>> > c9ef36cd01de1da145c287a77145065b & 7e1046171c2d480999d9ba404b60a598?
>> They
>> > are not present on VirusTotal, nor in any of our repositories.
>> >
>> > Samples can be uploaded at the link below:
>> >
>> > http://www.clamav.net/reports/malware
>> >
>> > On Thu, Jan 26, 2017 at 5:13 AM, Michael Cichosz <
>> michael.cichosz at gmx.de>
>> > wrote:
>> >
>> > > Hi, new signatures for your collection:
>> > >
>> > > files:
>> > > c9ef36cd01de1da145c287a77145065b  Delivery-Receipt-04397717.doc.wsf
>> > > 4efeb185fd81458d1d15e39638888104  Item-Delivery-Details-3136255.
>> doc.wsf
>> > > 7e1046171c2d480999d9ba404b60a598  Undelivered-Parcel-ID-7497849.
>> doc.wsf
>> > >
>> > > signatures:
>> > > JS.Trojan.Downloader:0:*:2e73706c697428726f78282929*
>> > > 2e6f70656e2822676574222c746f6728
>> > > JS.Trojan.Downloader:0:*:2e6f70656e2822676574222c226874
>> > > 74703a2f2f222b785b695d2b672b
>> > > JS.Trojan.Downloader:0:*:2e6a6f696e28*3d22687474703a2f*
>> > > 6c322e786d6c6874747022*2e6f70656e2822676574222c*2e73656e6428293b6966*
>> > > 6e7365746578742e73706c697428
>> > >
>> > > Regards
>> > >
>> > > Michael Cichosz (mcichosz _at_ clamav.net)       ClamAV, a GPL
>> anti-virus
>> > > toolkit
>> > > Phone: +49 151/1124 6897  PGP key id 04B57A3D
>> > > _______________________________________________
>> > > Community-sigs mailing list
>> > > Community-sigs at lists.clamav.net
>> > > http://lists.clamav.net/cgi-bin/mailman/listinfo/community-sigs
>> > >
>> > > http://www.clamav.net/contact.html#ml
>> > >
>> >
>> >
>> >
>> > --
>> > Christopher Marczewski
>> > Research Engineer
>> > Talos Group
>> > cmarczewski at sourcefire.com
>> > Phone: 443.430.7118
>> > _______________________________________________
>> > Community-sigs mailing list
>> > Community-sigs at lists.clamav.net
>> > http://lists.clamav.net/cgi-bin/mailman/listinfo/community-sigs
>> >
>> > http://www.clamav.net/contact.html#ml
>> >
>> _______________________________________________
>> Community-sigs mailing list
>> Community-sigs at lists.clamav.net
>> http://lists.clamav.net/cgi-bin/mailman/listinfo/community-sigs
>>
>> http://www.clamav.net/contact.html#ml
>>
>
>
>
> --
> Christopher Marczewski
> Research Engineer
> Talos Group
> cmarczewski at sourcefire.com
> Phone: 443.430.7118 <(443)%20430-7118>
>



-- 
Christopher Marczewski
Research Engineer
Talos Group
cmarczewski at sourcefire.com
Phone: 443.430.7118

More information about the Community-sigs mailing list