Mailing List Archive

R: Information about the signature database
Dear All,

thanks a lot for the help.
I was able to identify the signature database update in which there was my suspicious file signature.

Kind regards,

Alessandro


.
Alessandro Cortina

[cid:FirmaMilano_PERANInew_1696e74b-a9ff-49e9-b1e5-b72d0555eb7b.jpg] .
Da: clamav-users <clamav-users-bounces@lists.clamav.net> per conto di Joel Esler via clamav-users <clamav-users@lists.clamav.net>
Data: venerdì, 9 dicembre 2022, 13:42
A: ClamAV users ML <clamav-users@lists.clamav.net>
Cc: Joel Esler <joel.esler@me.com>
Oggetto: Re: [clamav-users] Information about the signature database
The Talos team should be able to tell you, I’d you give them the name of the detection, they can look it up.

Sent from my iPhone


On Dec 9, 2022, at 07:10, Al Varnell via clamav-users <clamav-users@lists.clamav.net> wrote:
? Yes I simply search the daily's. If you give me the signature name I can do that for you tomorrow.
Sent from my iPad

-Al-


On Dec 9, 2022, at 02:59, Mark Allan via clamav-users <clamav-users@lists.clamav.net> wrote:
? Al will probably be along shortly to correct me (he's quite good at tracking down when items were added to the DB), but as far as I know, the only way is to search the archive of posts to the clamav-virusdb mailing list.

https://lists.clamav.net/pipermail/clamav-virusdb/<https://eu-central-1.protection.sophos.com?d=clamav.net&u=aHR0cHM6Ly9saXN0cy5jbGFtYXYubmV0L3BpcGVybWFpbC9jbGFtYXYtdmlydXNkYi8=&p=m&i=NjI1N2U0MTU2N2EzNzMxMTc3YWE2ZTU5&t=Szc2S21zOW85dk1xaVRONVNmdjRNV3NvcHB6c1F6aVdaQVJ4bWVFVlBHQT0=&h=b225bdd20f854a19aae147987f3ebb51&s=AVNPUEhUT0NFTkNSWVBUSVZRnYqI01uhZOJZr0ZM6mIr_DG4ec2yPwwgcmjnPwBy4S-QbYvmfr5pv40i3mq1RNQ>

Mark


On 9 Dec 2022, at 9:37 am, Alessandro Cortina <acortina@perani.com> wrote:

Hello,

is there a mean which I can see when a specific signature has been insert in the signature database?
I'm doing a forensics digital investigation and I'm trying to discover for how long the malware was known to the ClamAV Database.

Thanks for support.

Alessandro
.
Alessandro Cortina

<FirmaMilano_PERANInew_1696e74b-a9ff-49e9-b1e5-b72d0555eb7b.jpg> .
_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users<https://eu-central-1.protection.sophos.com?d=clamav.net&u=aHR0cHM6Ly9saXN0cy5jbGFtYXYubmV0L21haWxtYW4vbGlzdGluZm8vY2xhbWF2LXVzZXJz&p=m&i=NjI1N2U0MTU2N2EzNzMxMTc3YWE2ZTU5&t=Z2UvN1hkL0JNRnQrMDJESjJaemV2bEtUSDJsUGd3SStwNUdPcWdqWmRvOD0=&h=b225bdd20f854a19aae147987f3ebb51&s=AVNPUEhUT0NFTkNSWVBUSVZRnYqI01uhZOJZr0ZM6mIr_DG4ec2yPwwgcmjnPwBy4S-QbYvmfr5pv40i3mq1RNQ>


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation<https://eu-central-1.protection.sophos.com?d=github.com&u=aHR0cHM6Ly9naXRodWIuY29tL0Npc2NvLVRhbG9zL2NsYW1hdi1kb2N1bWVudGF0aW9u&p=m&i=NjI1N2U0MTU2N2EzNzMxMTc3YWE2ZTU5&t=bkhiRndqK0VpOWpvTDJxa0h0OWhFaUYyODNpQjhxNTBWUXlocE5vSkFmZz0=&h=b225bdd20f854a19aae147987f3ebb51&s=AVNPUEhUT0NFTkNSWVBUSVZRnYqI01uhZOJZr0ZM6mIr_DG4ec2yPwwgcmjnPwBy4S-QbYvmfr5pv40i3mq1RNQ>

https://docs.clamav.net/#mailing-lists-and-chat<https://eu-central-1.protection.sophos.com?d=clamav.net&u=aHR0cHM6Ly9kb2NzLmNsYW1hdi5uZXQvI21haWxpbmctbGlzdHMtYW5kLWNoYXQ=&p=m&i=NjI1N2U0MTU2N2EzNzMxMTc3YWE2ZTU5&t=cG10VlJnU2VFelVnTFNIdFVYNk53L0g3cHNEVm84SU84YzVLZDZjbGljND0=&h=b225bdd20f854a19aae147987f3ebb51&s=AVNPUEhUT0NFTkNSWVBUSVZRnYqI01uhZOJZr0ZM6mIr_DG4ec2yPwwgcmjnPwBy4S-QbYvmfr5pv40i3mq1RNQ>











_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users<https://eu-central-1.protection.sophos.com?d=clamav.net&u=aHR0cHM6Ly9saXN0cy5jbGFtYXYubmV0L21haWxtYW4vbGlzdGluZm8vY2xhbWF2LXVzZXJz&p=m&i=NjI1N2U0MTU2N2EzNzMxMTc3YWE2ZTU5&t=Z2UvN1hkL0JNRnQrMDJESjJaemV2bEtUSDJsUGd3SStwNUdPcWdqWmRvOD0=&h=b225bdd20f854a19aae147987f3ebb51&s=AVNPUEhUT0NFTkNSWVBUSVZRnYqI01uhZOJZr0ZM6mIr_DG4ec2yPwwgcmjnPwBy4S-QbYvmfr5pv40i3mq1RNQ>


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation<https://eu-central-1.protection.sophos.com?d=github.com&u=aHR0cHM6Ly9naXRodWIuY29tL0Npc2NvLVRhbG9zL2NsYW1hdi1kb2N1bWVudGF0aW9u&p=m&i=NjI1N2U0MTU2N2EzNzMxMTc3YWE2ZTU5&t=bkhiRndqK0VpOWpvTDJxa0h0OWhFaUYyODNpQjhxNTBWUXlocE5vSkFmZz0=&h=b225bdd20f854a19aae147987f3ebb51&s=AVNPUEhUT0NFTkNSWVBUSVZRnYqI01uhZOJZr0ZM6mIr_DG4ec2yPwwgcmjnPwBy4S-QbYvmfr5pv40i3mq1RNQ>

https://docs.clamav.net/#mailing-lists-and-chat<https://eu-central-1.protection.sophos.com?d=clamav.net&u=aHR0cHM6Ly9kb2NzLmNsYW1hdi5uZXQvI21haWxpbmctbGlzdHMtYW5kLWNoYXQ=&p=m&i=NjI1N2U0MTU2N2EzNzMxMTc3YWE2ZTU5&t=cG10VlJnU2VFelVnTFNIdFVYNk53L0g3cHNEVm84SU84YzVLZDZjbGljND0=&h=b225bdd20f854a19aae147987f3ebb51&s=AVNPUEhUT0NFTkNSWVBUSVZRnYqI01uhZOJZr0ZM6mIr_DG4ec2yPwwgcmjnPwBy4S-QbYvmfr5pv40i3mq1RNQ>

_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users<https://eu-central-1.protection.sophos.com?d=clamav.net&u=aHR0cHM6Ly9saXN0cy5jbGFtYXYubmV0L21haWxtYW4vbGlzdGluZm8vY2xhbWF2LXVzZXJz&p=m&i=NjI1N2U0MTU2N2EzNzMxMTc3YWE2ZTU5&t=Z2UvN1hkL0JNRnQrMDJESjJaemV2bEtUSDJsUGd3SStwNUdPcWdqWmRvOD0=&h=b225bdd20f854a19aae147987f3ebb51&s=AVNPUEhUT0NFTkNSWVBUSVZRnYqI01uhZOJZr0ZM6mIr_DG4ec2yPwwgcmjnPwBy4S-QbYvmfr5pv40i3mq1RNQ>


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation<https://eu-central-1.protection.sophos.com?d=github.com&u=aHR0cHM6Ly9naXRodWIuY29tL0Npc2NvLVRhbG9zL2NsYW1hdi1kb2N1bWVudGF0aW9u&p=m&i=NjI1N2U0MTU2N2EzNzMxMTc3YWE2ZTU5&t=bkhiRndqK0VpOWpvTDJxa0h0OWhFaUYyODNpQjhxNTBWUXlocE5vSkFmZz0=&h=b225bdd20f854a19aae147987f3ebb51&s=AVNPUEhUT0NFTkNSWVBUSVZRnYqI01uhZOJZr0ZM6mIr_DG4ec2yPwwgcmjnPwBy4S-QbYvmfr5pv40i3mq1RNQ>

https://docs.clamav.net/#mailing-lists-and-chat<https://eu-central-1.protection.sophos.com?d=clamav.net&u=aHR0cHM6Ly9kb2NzLmNsYW1hdi5uZXQvI21haWxpbmctbGlzdHMtYW5kLWNoYXQ=&p=m&i=NjI1N2U0MTU2N2EzNzMxMTc3YWE2ZTU5&t=cG10VlJnU2VFelVnTFNIdFVYNk53L0g3cHNEVm84SU84YzVLZDZjbGljND0=&h=b225bdd20f854a19aae147987f3ebb51&s=AVNPUEhUT0NFTkNSWVBUSVZRnYqI01uhZOJZr0ZM6mIr_DG4ec2yPwwgcmjnPwBy4S-QbYvmfr5pv40i3mq1RNQ>