When you submit it, be sure to include the password so that the ClamAV signature team can properly asses it and provide a hash signature for the zip file.
-Al- > On Dec 22, 2020, at 03:32, Alessandro Vesely via clamav-users > <[email protected]> wrote: > > Hi all, > > > today I received a message with an encrypted zip attachment. I saved the > attachment and loaded it to VirusTotal, where no scanner detected anything: > https://www.virustotal.com/gui/file/2cef2c979e60c1e2892e6a494814dd65db14c2076102279e6e74737d36c115a5/detection > > Then I unzipped the file using the password given in the message text, > uploaded the only extracted file and got plenty of VBA / W97M malware: > https://www.virustotal.com/gui/file/99b352442e1351334d5e68e7f12469dc7f2790e6ae44b05be7dcd03739211f1f/detection > > I spare reporting this malware to ClamAV, as it seems hopeless to me. Am I > wrong? > > > Best > Ale
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ clamav-users mailing list [email protected] https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
