Please don't include signatures that apply to "Any File" in an e-mail as it was detected as infected upon arrival and could easily be blocked by intermediate mail servers.
-Al- On Thu, Oct 05, 2017 at 01:42 AM, Hajo Locke wrote: > since yesterday we found a lot of malware called > Ppt.Exploit.CVE_2017_0199-6336815-1 > Hitrate is extremly increasing. Currently i believe this is a FP. > Signature looks short: > Ppt.Exploit.CVE_2017_0199-6336815-1 <snip> > This decodes to: > <snip> > > Unfortunately i cant sent samples of found docx-files, because they are > privat. > Anybody else noticed this behaviour? > > Thanks, > Hajo
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
