Re: [clamav-users] Virus Malvare not detected

Wed, 15 Nov 2017 10:11:04 -0800 

Other virus not detected

https://www.virustotal.com/#/file/6b7b11077b2bcdbce94eff73722a4f78103d2e87bd4331654bc65c0daeb176dd/detection


El 14/11/17 a las 09:52, Emanuel escribió:

Scan the attachment, clamav not detect this file.


El 14/11/17 a las 09:51, Al Varnell escribió:
You mentioned two attachments. Kaspersky and ClamXAV appear to catch the first one, but neither catch the second one you showed us. The SHA246 for a file is the same no matter what scanner is used. 

-Al-

On Tue, Nov 14, 2017 at 04:36 AM, Emanuel wrote:

the first scan is with kaspersky online


El 14/11/17 a las 09:31, Al Varnell escribió:

That's not the same file you showed before. The SHA256 is different.

-Al-

On Tue, Nov 14, 2017 at 04:23 AM, Emanuel wrote:

Please see
https://www.virustotal.com/es-ar/file/323cb1d2f3b9d0678a8e017fedad1da2768c0eb65111937d03c19e0c053b5da4/analysis/1510662252/ <https://www.virustotal.com/es-ar/file/323cb1d2f3b9d0678a8e017fedad1da2768c0eb65111937d03c19e0c053b5da4/analysis/1510662252/> <https://www.virustotal.com/es-ar/file/323cb1d2f3b9d0678a8e017fedad1da2768c0eb65111937d03c19e0c053b5da4/analysis/1510662252/ <https://www.virustotal.com/es-ar/file/323cb1d2f3b9d0678a8e017fedad1da2768c0eb65111937d03c19e0c053b5da4/analysis/1510662252/>> 


El 14/11/17 a las 09:00, Al Varnell escribió:
According to VirusTotal, ClamAV does detect it as Doc.Dropper.Agent-6369707-0 <https://www.virustotal.com/en/file/142a177f214671f7abd22f9e545595bf56a8116763bb7e9de7368aa1b2d381bf/analysis/ <https://www.virustotal.com/en/file/142a177f214671f7abd22f9e545595bf56a8116763bb7e9de7368aa1b2d381bf/analysis/> <https://www.virustotal.com/en/file/142a177f214671f7abd22f9e545595bf56a8116763bb7e9de7368aa1b2d381bf/analysis/ <https://www.virustotal.com/en/file/142a177f214671f7abd22f9e545595bf56a8116763bb7e9de7368aa1b2d381bf/analysis/>>> 

but go ahead and try to submit it anyway.

-Al-

On Tue, Nov 14, 2017 at 03:33 AM, Emanuel wrote:

Hello,
I received two docs files in a email with the Subject "Invoice". The attachment is a malware virus, clamav not detected this. 

Scan with kaspersky


Scan result
File is infected
Detected threats
Trojan-Downloader.MSWord.Agent.bqx
File size
144.95 KB
File type
OOXML/DOCUMENT
Scan date
Nov 14 2017 08:15:42
Databases release date
Nov 14 2017 10:36:04 UTC
MD5
70bdc39f8f57e090bebc4616924cdadc
SHA1
ecf414f8523627a0d5d6637041f6e1e3bbcee62e
SHA256
142a177f214671f7abd22f9e545595bf56a8116763bb7e9de7368aa1b2d381bf

it's possible to add manually this virus to the clamav database?



_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net <mailto:clamav-users@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

-Al-


_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml




--
envialosimple.com <http://www.envialosimple.com>  
Emanuel Gonzalez
Deliverability Specialist
emanuel.gonza...@donweb.com <mailto:emanuel.gonza...@donweb.com>
www.envialosimple.com <http://www.envialosimple.com>
by donweb <http://www.envialosimple.com>
Nota de confidencialidad: Este mensaje y archivos adjuntos al mismo son confidenciales, de uso exclusivo para el destinatario del mismo. La divulgación y/o uso del mismo sin autorización por parte de DonWeb.com queda prohibida. DonWeb.com no se hace responsable del mensaje por la falsificación y/o alteración del mismo. De no ser Ud el destinatario del mismo y lo ha recibido por error, por favor, notifique al remitente y elimínelo de su sistema. Confidentiality Note: This message and any attachments (the message) are confidential and intended solely for the addressees. Any unauthorised use or dissemination is prohibited by DonWeb.com. 
DonWeb.com shall not be liable  for the message if altered or falsified.
If you are not the intended addressee of this message, please cancel it immediately and inform the sender Nota de Confidencialidade: Esta mensagem e seus eventuais anexos podem conter dados confidenciais ou privilegiados. Se você os recebeu por engano ou não é um dos destinatários aos quais ela foi endereçada, por favor destrua-a e a todos os seus eventuais anexos ou copias realizadas, imediatamente. É proibida a retenção, distribuição, divulgação ou utilização de quaisquer informações aqui contidas. Por favor, informenos sobre o recebimento indevido desta mensagem, retornando-a para o autor. 

_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Reply via email to