On May 5, 2019, at 23:24, Sunhux G via clamav-users <clamav-users@lists.clamav.net> wrote:
> Where can I download a copy of sigtool (that's pre-compiled) for
> Solaris 10 and RHEL7? Was combing clamav site but can't locate it.
> Appreciate a full URL to download it.
It's built into your ClamAV installation in clamav/bin.
> As for actual file, it's too dangerous as they're ransomware/malware,
> so wouldn't want to get a copy of it.
It's only dangerous if launched. The file itself just sitting on a drive is harmless and you only need it log enough to perform one scan to get the answer to your original question. I thought the whole purpose of your questions were based on being able to identify that this malware was on your drive so you wouldn’t become infected.
Honestly, I have to say, based on all the questions you are asking, you don't have sufficient knowledge yet of basic anti-malware operations to be undertaking this level of investigation.
If this is a well known malware in the wild, there is an extremely high probability that there is a signature in the ClamAV database already, and it may well not be in the form of a hash. IMHO, you need to trust that the professionals at Talos/ClamAV are on top of these things and better use your time and energies.
-Al-
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml