ClamWin Free Antivirus Forum Index
ClamWin Free Antivirus
Support and Discussion Forums
Reply to topic
MDB Signatures For New North Korean Malware
GuitarBob


Joined: 09 Jul 2006
Posts: 4569
Location: USA
Reply with quote
Below are several signatures for new North Korean malware for ClamWin/Clam Sentinel users who might be in danger from them--primarily businesses/organizations/users that have information on their computers that might be of interest to North Korea. I suppose this applies to USA, South Korea, Japan, Taiwan, Australia and some others.

Copy the MDB signature(s) to a Notepad file and save it in the ClamWin db program data folder, or add the signature(s) to an existing MDB file you already have there. Do not save the signature(s) with a .txt or .text extension on the end of the name. Save the file(s) as Sigfile.mdb. Select file type All Files to prevent the .txt or .text at the end of the filename. ClamWin is unable to recognize a text file as a signature. After saving the file, scan something with ClamWin to make sure the signature works--delete the file/entry if it does not. Signatures may last from one week to a couple of weeks depending upon how lazy the malware authors are about changing their version. MDB signatures may last longer--up to a month say.

51712:d7c48cf554eae1f467a10903d05d84fc:Win.Trojan.Agent_NK-021420-1846
73728:70a3e4024020c2792542fcb13130235f:Win.Trojan.Agent_NK-021420-1844
80896:8480a50e20d57bcb86fa649691ca9e0c:Win.Trojan.Agent_NK-021420-1842
89088:88425c71e7e293d43db9868e4693b365:Win.Trojan.Agent_NK-021420-1840

Regards,
View user's profileSend private message
MDB Signatures For New North Korean Malware
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT  
Page 1 of 1  

  
  
 Reply to topic