the file you provided is actually not a 7z file, I could open it with unrar.
So this might be a nice trick to circumvent a not so intelligent scanner
where scanning is done via file extension - the scanner mit try to use
7z to extract files and fails.
However, in the case of clamav, the content (exe file) is not recognized
as malware.
I uploaded the sample, and voila:
https://www.virustotal.com/gui/file/5079dbd9f11f35569cc43305df4c22a3cbd88d84384956be5384bb878f0c75ef
On 05.04.22 16:40, Nikolaos Milas wrote:
On 5/4/2022 1:57 μ.μ., infoomatic wrote:
out of interest, did clamav detect the local content?
You mean the exe file contained in the 7z archive?
I didn't try that, to be honest.
Nick
