According to this, Sophos should see it as Troj/JavaBz-ZO: <https://www.virustotal.com/en/file/f97ea502099c1bea8eb36e2f90e94feabf1a79652cd5c0f4384f91f65410aa9f/analysis/> submitted yesterday.
Microsoft detects it as Trojan:Java/Adwind.P and Kaspersky calls it Trojan.Java.Adwind.af

-Al-

On Tue, Oct 20, 2015 at 06:14 AM, Alex wrote:
>
> On Mon, Oct 19, 2015 at 9:59 PM, Alain Zidouemba
> <[email protected]> wrote:
>> Send the sample here: http://www.clamav.net/reports/malware
>>
>> Provide the MD5 or SHA256 of the sample on this mailing list.
>
> afa496ee1ffaba2ba17ddd50f9163bef PaymentInvoice.jar
>
> I'd really appreciate hearing from someone regarding whether this is a
> new virus or there is some other explanation about this file.
>
> Thanks,
> Alex
>
>>
>> Thanks,
>>
>> - Alain
>>
>> On Mon, Oct 19, 2015 at 7:28 PM, Alex <[email protected]> wrote:
>>
>>> Hi,
>>> I have a jar file that is apparently identified as a virus by
>>> Microsoft as "Trojan.Java.Adwind.af" but not a virus by either clamav
>>> or sophos. Microsoft apparently first identified this early this year,
>>> so I'm curious why it's not being tagged by clamav or sophos.
>>>
>>> I know I can upload a sample, but I'm more interested in knowing if
>>> Microsoft is identifying this as an FP, or otherwise why clamav and
>>> sophos aren't identifying it.
>>>
>>> Where can I upload a binary file and hopefully ask that someone
>>> investigate it for me?
>>>
>>> Thanks so much,
>>> Alex
>>> _______________________________________________
>>> Help us build a comprehensive ClamAV guide:
>>> https://github.com/vrtadmin/clamav-faq
>>>
>>> http://www.clamav.net/contact.html#ml

-Al-
--
Al Varnell
Mountain View, CA
