Mailing List Archive: [clamav-users] Best place for Signature information

Hi there,

On Mon, 14 Oct 2019, Paul via clamav-users wrote:

> I am wanting to get as much info as possible on
> Doc.Downloader.Emotet-7196349-0 which from my local searches first appeared
> in daily.cvd on Oct 1. Searches for Doc.Downloader.Emotet-7196349-0 in the
> clamamv-virusdb mailing produce nothing.
>
> is there somewhere else I should/can be looking

The naming of malware is always a bit of an issue. Don't expect that
a name used by ClamAV will be recognized by the providers of any other
AV products; it might be and it might not. Basically whoever finds it
first picks the name. Sometimes several finders name the same thing
all at once with completely different names so it can get confusing.

Sounds like you've been bitten by this one. If you have a sample of
the malware you can send it for example to Jotti's site. You might
find several different names for it and the providers (a couple of
dozen I think) might have more information for you on their Websites.

https://virusscan.jotti.org/

--

73,
Ged.

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users

Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml