Not sure I understand the problem you are facing.
If you are asking if ClamAV with official signatures would detect the zip
file whose SHA256 is
eb495bcdfb517743ced48d1b165b046739fb621cc693cb09fed8c879684851f3,
then the answer is yes. The detection name you would see is
Win.Trojan.Banload-6198.
I
Dear Sir,
Our mail server Qmail has latest ClamAV:
main.cld is up to date (version: 55, sigs: 2424225, f-level: 60, builder:
neo)
daily.cld is up to date (version: 20691, sigs: 1477959, f-level: 63,
builder: neo)
bytecode.cld is up to date (version: 265, sigs: 47, f-level: 63, builder:
neo)
But
