Thanks it is not easy getting Squid proxy to work with ssl intercept and to have ClamAV scan for issues inside a firewall. It’s impressive. Thanks for all you do ClamAV team. Sent from my iPhone
> On Dec 18, 2024, at 01:27, Ralf Hildebrandt via clamav-users > <clamav-users@lists.clamav.net> wrote: > > * Jonathan Lee via clamav-users <clamav-users@lists.clamav.net>: > >> instream(local): vhxtdQ.sigs.InterServer.net.SHA256.21881.UNOFFICIAL FOUND > > # sigtool --find-sig=vhxtdQ.sigs.InterServer.net.SHA256.21881 > [interserver256.hdb] > 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21:17174:vhxtdQ.sigs.InterServer.net.SHA256.21881 > > in this case, "vhxtdQ.sigs.InterServer.net.SHA256.21881" is a > signature, based on a SHA256 checksum of a file. > >> instream(local): >> sigs.InterServer.net.HEX.Topline.194.150.117.29.371.UNOFFICIAL FOUND > > # sigtool --find-sig=sigs.InterServer.net.HEX.Topline.194.150.117.29.371 > [interservertopline.db] > sigs.InterServer.net.HEX.Topline.194.150.117.29.371=32615f6269727375686964772e706870 > > this can be decoded: > > # sigtool --find-sig=sigs.InterServer.net.HEX.Topline.194.150.117.29.371 | > sigtool --decode-sigs > VIRUS NAME: sigs.InterServer.net.HEX.Topline.194.150.117.29.371 > DECODED SIGNATURE: > 2a_birsuhidw.php > > -- > Ralf Hildebrandt > Charité - Universitätsmedizin Berlin > Geschäftsbereich IT | Abteilung Netz | Netzwerk-Administration > Invalidenstraße 120/121 | D-10115 Berlin > > Tel. +49 30 450 570 155 > ralf.hildebra...@charite.de > https://www.charite.de > _______________________________________________ > > Manage your clamav-users mailing list subscription / unsubscribe: > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/Cisco-Talos/clamav-documentation > > https://docs.clamav.net/#mailing-lists-and-chat _______________________________________________ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat