Here are some I could quickly identify:
Win.Trojan.DropBear
Win.Trojan.BlackEnergy2Driver
Win.Trojan.BlackEnergy3
- Alain
On Thu, Feb 18, 2016 at 7:37 AM, Volcy, Georges
wrote:
> Good Morning,
>
> Does ClamAV detect the Blackenergy malware and is there any way for me
On Thu, February 18, 2016 12:37 pm, Volcy, Georges wrote:
> Good Morning,
>
>
> Does ClamAV detect the Blackenergy malware and is there any way for me to
> verify it. Thanks,
Just added Sanesecurity_BlackEnergy.yara to the Sanesecurity mirrors,
if that's a help.
It hit on a sample I downloaded.
daily.cvd Win.Trojan.Blackenergy
daily.cvd PUA.Win32.Packer.BlackenergyDdos
But I have submitted a False Positive sample against the first one.
-Al-
On Feb 18, 2016, at 4:37 AM, Volcy, Georges wrote:
> Does ClamAV detect the Blackenergy malware and is there
BlackEnergy uses a cryptor and, therefore, can't have a stable signature.
18.02.16 18:37, Volcy, Georges wrote:
> Good Morning,
>
> Does ClamAV detect the Blackenergy malware and is there any way for me
to verify it.
> Thanks,
>
> Georges Volcy
>
Good Morning,
Does ClamAV detect the Blackenergy malware and is there any way for me to
verify it.
Thanks,
Georges Volcy
SCADA Engineer - EMS
PSEG Long Island
CNI - EMS Provisioning & Support
(516) 949-7417(Desk)
(516) 949-7400 (Office)
(516) 492-9773 (Cell)