On Wednesday 18 April 2018 19:03:48 Al Varnell wrote: > Thanks for the warning, but suggest you also upload to VirusTotal > <https://www.virustotal.com/#/home/upload> to see if any other scanner > is aware. ClamAV will eventually pick it up from there or you can > submit to them directly if shown to be malware. > I'll see if I can grok how to do that in the morning after the first cup has kicked in. I'm about bushed for the day.
> Sent from my iPad > > -Al- > > > On Apr 18, 2018, at 10:10 AM, Gene Heskett <[email protected]> > > wrote: > > > > Hey guys; > > > > Do not open any so-called invoice attachment that ends in an .rOO, > > I'm getting a boatload of them that spamassassin is catching, and I > > suspect the file attached has links to download and display an > > invoice for thousands, is actually an attack vector file. Clamd > > passed it, but I suspect its too new. The name of the file also has > > spaces, meaning it came from a winderz box. > > > > The .r00 files attached are not the same lengths, but are 300k to > > 500k in lengths. > > > > And I've never heard of the names used for reply addresses. > > > > -- > > Cheers, Gene Heskett > > -- > > "There are four boxes to be used in defense of liberty: > > soap, ballot, jury, and ammo. Please use in that order." > > -Ed Howdershelt (Author) > > Genes Web page <http://geneslinuxbox.net:6309/gene> > > _______________________________________________ > > clamav-users mailing list > > [email protected] > > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > > > > Help us build a comprehensive ClamAV guide: > > https://github.com/vrtadmin/clamav-faq > > > > http://www.clamav.net/contact.html#ml > > _______________________________________________ > clamav-users mailing list > [email protected] > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml -- Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Genes Web page <http://geneslinuxbox.net:6309/gene> _______________________________________________ clamav-users mailing list [email protected] http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
