GuitarBob
Joined: 09 Jul 2006 |
Posts: 4664 |
Location: USA |
|
 |
Posted: Sat Feb 15, 2020 2:54 am |
|
 |
 |
 |
 |
Below are several signatures for new North Korean malware for ClamWin/Clam Sentinel users who might be in danger from them--primarily businesses/organizations/users that have information on their computers that might be of interest to North Korea. I suppose this applies to USA, South Korea, Japan, Taiwan, Australia and some others.
Copy the MDB signature(s) to a Notepad file and save it in the ClamWin db program data folder, or add the signature(s) to an existing MDB file you already have there. Do not save the signature(s) with a .txt or .text extension on the end of the name. Save the file(s) as Sigfile.mdb. Select file type All Files to prevent the .txt or .text at the end of the filename. ClamWin is unable to recognize a text file as a signature. After saving the file, scan something with ClamWin to make sure the signature works--delete the file/entry if it does not. Signatures may last from one week to a couple of weeks depending upon how lazy the malware authors are about changing their version. MDB signatures may last longer--up to a month say.
51712:d7c48cf554eae1f467a10903d05d84fc:Win.Trojan.Agent_NK-021420-1846
73728:70a3e4024020c2792542fcb13130235f:Win.Trojan.Agent_NK-021420-1844
80896:8480a50e20d57bcb86fa649691ca9e0c:Win.Trojan.Agent_NK-021420-1842
89088:88425c71e7e293d43db9868e4693b365:Win.Trojan.Agent_NK-021420-1840
Regards,
|
|