[Community-sigs] PUA.Andr.Adware.Revmob-6775215-0

Matthew Molyett mmolyett at sourcefire.com
Fri Jan 4 11:14:48 EST 2019


That signature has been flagged for removal. Thank you.

On Wed, Dec 12, 2018 at 12:42 AM Arnaud Jacques <webmaster at securiteinfo.com>
wrote:

> Hello sigmakers,
>
> VIRUS NAME: daily.ldu:PUA.Andr.Adware.Revmob-6775215-0
> TDB: Engine:51-255,FileSize:4194304-16777216,Target:0
> LOGICAL EXPRESSION: 0
>   * SUBSIG ID 0
>   +-> OFFSET: ANY
>   +-> SIGMOD: NONE
>   +-> DECODED SUBSIGNATURE:
> @ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
>
> Does this signature will trigger malicious code ? I don't think so.
> I guess this will trigger a lot of false positives.
> Could you please review and update this signature ?
>
> --
> Cordialement / Best regards,
>
> Arnaud Jacques
> Gérant de SecuriteInfo.com
>
> Téléphone : +33-(0)3.44.39.76.46
> E-mail : aj at securiteinfo.com
> Site web : https://www.securiteinfo.com
> Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286
> Twitter : @SecuriteInfoCom
>
> Securiteinfo.com
> La Sécurité Informatique - La Sécurité des Informations.
> 266, rue de Villers
> 60123 Bonneuil en Valois
>
> _______________________________________________
> Community-sigs mailing list
> Community-sigs at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/community-sigs
>
> http://www.clamav.net/contact.html#ml
>


-- 

Matthew Molyett
Malware Researcher

mmolyett at cisco.com
Phone:  (410) 309-4834
Mobile: (410) 674-2049

Cisco.com - http://www.cisco.com

This email may contain confidential and privileged material for the sole
use of the intended recipient. Any review, use, distribution or disclosure
by others is strictly prohibited. If you are not the intended recipient (or
authorized to receive for the recipient), please contact the sender by
reply email and delete all copies of this message.

For corporate legal information go to:
http://www.cisco.com/web/about/doing_business/legal/cri/index.html



More information about the Community-sigs mailing list