* Zvi Kave via clamav-users <clamav-users@lists.clamav.net>: > Hi, > > Where can I find more information about ClamAV detected virus like > Win.Trojan.N-68 > > or another name ?
You can decode the signature using this command: # sigtool -fWin.Trojan.N-68 | sigtool --decode-sigs Basically it finds an email containing a BASE64 encoded "readme.exe" using the content type "audio/x-wav"... Maybe this helps: VIRUS NAME: Win.Trojan.N-68 TARGET TYPE: ANY FILE OFFSET: * DECODED SIGNATURE: REMOVED A MIME BOUNDARY HERE Content-Type: audio/x-wav; name="readme.exe" Content-Transfer-Encoding: base64 -- Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1. OG | Raum 105 Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 ralf.hildebra...@charite.de https://www.charite.de _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
