Re: sneaky spams w/zipped URL file, easily caught by "Thread-Index"

Tue, 27 Mar 2018 06:49:27 -0700 

On 03/27/2018 08:24 AM, Pedro David Marco wrote:

Thanks Rob, can you pastebin a sample??


----
PedroD



Looks like ClamAV UNOFFICIAL sigs are detecting this:

Clamd: message was infected: Sanesecurity.Foxhole.Zip_url.UNOFFICIAL
Clamd: Purchase Order_4014053_27032018.zip was infected: Sanesecurity.Foxhole.Zip_url.UNOFFICIAL 

https://pastebin.com/WwUbWCQY

--
David Jones

Reply via email to