Re: [clamav-users] Detection glitch on series of Excel files

2022-03-28 Thread Petr Jurášek via clamav-users
Hi, same situation for me. Debian 10 buster:

    # clamscan --version
    ClamAV 0.103.5/26495/Mon Mar 28 10:19:21 2022

running clamscan:

    # clamscan /var/tmp/Money_transfer_details.xls
    /var/tmp/Money_transfer_details.xls: SecuriteInfo.com.Macro.Downlader-14.UNOFFICIAL FOUND
    /var/tmp/

Re: [clamav-users] Detection glitch on series of Excel files

2022-03-25 Thread G.W. Haywood via clamav-users
Hi Kris,

On Fri, 25 Mar 2022, Kris Deugau wrote:

I've been seeing a series of Excel files recently that seem to be triggering a bug of some kind. ...

What version of ClamAV?

... clamscan -d test.hdb on one of these files produces a result like this:

    Invoice 251064533 QT8094914.xls: e3af0

[clamav-users] Detection glitch on series of Excel files

2022-03-25 Thread Kris Deugau
I've been seeing a series of Excel files recently that seem to be triggering a bug of some kind. These are not matched by any stock signatures (yet), so I've been using clamscan --leave-temps to extract components for signatures. Most of the time I just create hashes of a component from one s