Hello,
For me, Andr.Dropper.Shedun-6840512-0 seems a false positive :
VIRUS NAME: /tmp/daily/daily.ldb:Andr.Dropper.Shedun-6840512-0
TDB: Engine:51-255,FileSize:4096-16384,Target:0
LOGICAL EXPRESSION: 0
* SUBSIG ID 0
+-> OFFSET: ANY
+-> SIGMOD: NONE
+-> DECODED SUBSIGNATURE:
lvik/system/DexClassLoader;Ljava/io/BufferedOutputStream;Lja
As far as I know, DexClassLoader and BufferedOutputStream are legit
Java/Android classes, and not malware related.
What do you think about ?
--
Cordialement / Best regards,
Arnaud Jacques
Gérant de SecuriteInfo.com
Téléphone : +33-(0)3.44.39.76.46
E-mail : a...@securiteinfo.com
Site web : https://www.securiteinfo.com
Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286
Twitter : @SecuriteInfoCom
Securiteinfo.com
La Sécurité Informatique - La Sécurité des Informations.
266, rue de Villers
60123 Bonneuil en Valois
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
