[clamav-users] VirusEvent not executed

2018-08-10 Thread Wforum Wforum
Hi, I try to use 'VirusEvent' in clamd.conf to send an email if a virus is detected. But it seems that it is not executed. I also tried to execute a script, but that did not work either. VirusEvent tail -1 /var/log/clamav/clamav.log > /tmp/clammail && mail -s "Clamav Virus Alert" mailaddress < /tmp/cl

[clamav-users] Keymarble Yara rule?

2018-08-10 Thread Alessandro Vesely
Hi all, has anybody seen this Malware Analysis Report (AR18-221A) MAR-10135536-17 – North Korean Trojan: KEYMARBLE https://www.us-cert.gov/ncas/analysis-reports/AR18-221A ? I created a file "keymarble-dummy", whose hex dump looks like so: 4d 5a 74 68 69 73 20 69 73 20 61 20 64 75 6d 6d

Re: [clamav-users] Keymarble Yara rule?

2018-08-10 Thread Al Varnell
I'm not sure how widely Yara is being used in current A-V scanning, but I would have to guess it's not fully implemented by many. I am aware that the current ClamAV scanner does not handle all the latest features and there are only UNOFFICIAL rules available, so the scanner on VirusTotal would no