Correct. Jar files are essentially zip files. Sent from my iPhone
> On Aug 7, 2018, at 07:00, Maarten Broekman <maarten.broek...@gmail.com> wrote: > > JAR files can be unpacked like tarballs so it is likely that there is a > common file in each that matches those hashes. > > Maarten > Sent from a tiny keyboard > >> On Aug 7, 2018, at 04:54, Albrecht, Peter <peter.albre...@wirecard.com> >> wrote: >> >> Hi, >> >>> I don't see how that is even remotely possibly. They are three completely >>> different hash signatures: >>> >>> [daily.hsb] >>> 9027093eab2a193081a763001e947371:4292:Html.Malware.Agent-6625344-0:73 >>> [daily.hsb] >>> 5591165097d53565d4e5f4e9fda8241a:7367:Html.Malware.Agent-6625164-0:73 >>> [daily.hsb] >>> f4116176a108054001a0e29e2ea105e6:6996:Html.Malware.Agent-6625283-0:73 >>> >>> You should have already submitted this file to ClamAV as a false positive, >>> so what was it's MD5 hash? >> >> I have submitted two files which have been reported. Their MD5 sums are: >> >> 88cc3123fce88d61b7c2cdbfc33542c5 httpclient-4.3.3.jar >> 9221d898bfa2fa19fa9bc307351f34a1 storm-submit-tools-1.1.1.jar >> >> Strangely, they are reported with the same signature. And after whitelisting >> the first >> one, the second one is reported. And then the third ... >> >> This started about 10 days ago, nothing has been reported before that. >> >> Thanks, >> >> Peter Albrecht >> Senior Linux Administrator >> >> Wirecard Service Technologies GmbH >> Einsteinring 35 | 85609 Aschheim | Germany >> Tel: +49 (0) 89 4424-191076 >> https://www.wirecard.com >> ________________________________________________________________________________________________________ >> >> Amtsgericht München HRB Nummer 238 150 >> >> Geschäftsführer: Thomas Neef, Susanne Steidl, Yiannakis Ioannou >> >> VERTRAULICHE INFORMATIONEN! Diese E-Mail enthält vertrauliche Informationen >> und ist nur für den berechtigten Empfänger >> bestimmt. Wenn diese E-Mail nicht für Sie bestimmt ist, bitten wir Sie, >> diese E-Mail an uns zurückzusenden und anschließend >> auf Ihrem Computer und Mail-Server zu löschen. Solche E-Mails und Anlagen >> dürfen Sie weder nutzen, noch verarbeiten oder >> Dritten zugänglich machen, gleich in welcher Form. Wir danken für Ihre >> Kooperation! >> >> CONFIDENTIAL! This email contains confidential information and is intended >> for the authorized recipient only. If you are >> not an authorised recipient please return the email to us and then delete it >> from your computer and mail-server. You may neither >> use nor edit any such emails including attachments, nor make them accessible >> to third parties in any manner whatsoever. >> Thank you for your cooperation. >> >> _______________________________________________ >> clamav-users mailing list >> clamav-users@lists.clamav.net >> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users >> >> >> Help us build a comprehensive ClamAV guide: >> https://github.com/vrtadmin/clamav-faq >> >> http://www.clamav.net/contact.html#ml > _______________________________________________ > clamav-users mailing list > clamav-users@lists.clamav.net > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
