Clamd does not detect all Makros.
Steve Basford
steveb_clamav at sanesecurity.com
Wed Oct 19 13:42:50 UTC 2016
On Wed, October 19, 2016 2:24 pm, Heino Backhaus wrote:
> Hello List,
>
>
> we've seen some mails containing malicius macros not detected by clamav
> with "OLE2BlockMacros yes".
>
> https://virustotal.com/de/file/76b8348170c8f44a1030765118ad71b5b93374aad9
> 3e24e0b106ccbcf7c89547/analysis/
>
Just as a note, this detected by ClamAV already as a hash:
Doc.Dropper.Agent-1776597
66f869afeb0bc8fcc91307a3155c3118:207360
Could you throw a copy to samples AT sanesecurity.org.uk and I'll
take a quick peek.
--
Cheers,
Steve
Twitter: @sanesecurity
More information about the MailScanner
mailing list