Can somebody with access to those samples run them against a virgin ClamAV signature database to answer the question? I'd be happy to if there are samples I can access.
-Al- On Wed, Jan 04, 2017 at 07:33 AM, TR Shaw wrote: > > I added detection in winnow_extended_malware.hdb which is distributed is the > sanesecurity feed the day after the JAR was released. I also searched for > the RAT and added signatures for that as well in winnow_malware_links.ndb > > Signatures are identified as winnow.Trojan.GRIZZLY_STEPPE.<identifier> > > Tom > > >> On Jan 4, 2017, at 10:26 AM, Andrew McGrath <and...@checkout51.com> wrote: >> >> I'm being asked a question by our security team that I am struggling >> to answer. The question is "Does ClamAV detect Grizzly Steppe?". >> >> I've hunted around the archives, support pages and google, but do not >> see any discussion about this, could anyone comment? >> >> Thank you!
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
