Hi all,
today I received a message with an encrypted zip attachment. I saved the attachment and loaded it to VirusTotal, where no scanner detected anything:
https://www.virustotal.com/gui/file/2cef2c979e60c1e2892e6a494814dd65db14c2076102279e6e74737d36c115a5/detection
Then I unzipped the file using the password given in the message text, uploaded the only extracted file and got plenty of VBA / W97M malware:
https://www.virustotal.com/gui/file/99b352442e1351334d5e68e7f12469dc7f2790e6ae44b05be7dcd03739211f1f/detection
I spare reporting this malware to ClamAV, as it seems hopeless to me. Am I wrong?
Best
Ale
--
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
today I received a message with an encrypted zip attachment. I saved the attachment and loaded it to VirusTotal, where no scanner detected anything:
https://www.virustotal.com/gui/file/2cef2c979e60c1e2892e6a494814dd65db14c2076102279e6e74737d36c115a5/detection
Then I unzipped the file using the password given in the message text, uploaded the only extracted file and got plenty of VBA / W97M malware:
https://www.virustotal.com/gui/file/99b352442e1351334d5e68e7f12469dc7f2790e6ae44b05be7dcd03739211f1f/detection
I spare reporting this malware to ClamAV, as it seems hopeless to me. Am I wrong?
Best
Ale
--
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml