"unofficial" is actually non official (not the built in) signature of clamav
On Mon, 23 Dec 2019, 10:02 pm 'Walt Thiessen' via YARA, < [email protected]> wrote: > clamAV runs on my cPanel server, and today it detected the following: > > YARA.php_malware_hexinject.UNOFFICIAL FOUND > > I can't find much of anything about this. I tried running it through > https://www.virustotal.com/, but it wasn't recognized there either. Does > anyone here know anything about it? And do you know why it's "unofficial"? > > -- > You received this message because you are subscribed to the Google Groups > "YARA" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/yara-project/46d24430-4298-4997-be37-c18598903f66%40googlegroups.com > <https://groups.google.com/d/msgid/yara-project/46d24430-4298-4997-be37-c18598903f66%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "YARA" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/yara-project/CAKOSBAn7Q5Lq0-hiavkH8rPQdE9yuU6qUVp3cHjsE5ns%3DxMNOw%40mail.gmail.com.
