13.07.2017 05:32, Alex пишет: > On Wed, Jul 12, 2017 at 3:02 PM, Alain Zidouemba > <[email protected]> wrote: >> Signature will be going out shortly. > > It's now detected thanks to the amazing work by Steve from > sanesecurity. Also appreciate your help - perhaps his sig just hits > first. > > I've also just submitted another unrelated to investigate. > > $ sha1sum GOOGLESER.doc > d42e71932c866f9822c800fe46cd46bdf1b5e739 GOOGLESER.doc
f4434f22ffc51edf9641140d1b747feeab6b5a6a SCAN50784502102.DOC > >> >> On Wed, Jul 12, 2017 at 2:52 PM, Alex <[email protected]> wrote: >> >>> Hi, we've received a word virus that isn't currently being detected by >>> any scanners. I've submitted the FN, but would like to see if we can >>> get that pushed out as soon as possible. >>> >>> $ sha1sum Invoice_SKMBT_20170501.doc >>> 6cc1dd12fbc79311ebaf59e19e562ff63141f457 Invoice_SKMBT_20170501.doc >>> >>> It's not currently being found by any scanners: >>> https://www.virustotal.com/en/file/5b10fb6d20649c246d970e521e4436 >>> d70608bbb8c6d6128245d349c69a76ef10/analysis/ >>> >>> Also, there's some notes in the "comments" section of this post. What >>> does it mean? How can I use that to my benefit in the future? >>> >>> Is there any way a postfix/amavisd/spamassassin/clamav user can >>> benefit from this information by blocking based on that signature >>> provided? >>> _______________________________________________ >>> clamav-users mailing list >>> [email protected] >>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users >>> >>> >>> Help us build a comprehensive ClamAV guide: >>> https://github.com/vrtadmin/clamav-faq >>> >>> http://www.clamav.net/contact.html#ml >>> >> _______________________________________________ >> clamav-users mailing list >> [email protected] >> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users >> >> >> Help us build a comprehensive ClamAV guide: >> https://github.com/vrtadmin/clamav-faq >> >> http://www.clamav.net/contact.html#ml > _______________________________________________ > clamav-users mailing list > [email protected] > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > _______________________________________________ clamav-users mailing list [email protected] http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
