 | MDB Signatures For New Palestinian Malware Campaign |  |
GuitarBob
Joined: 09 Jul 2006 |
Posts: 9 |
Location: USA |
|
 |
Posted: Wed Feb 09, 2022 8:05 pm |
|
 |
 |
 |
 |
There is a new malware campaign by Palestinian malware authors targeting foreign computers. Below are some MDB signatures for the malware. Copy each signature to a separate line in a new Notepad or similar text writer file, and then save the file as a file named Sigfile.mdb with a file type of “All Files” in the ClamWin database folder. Make sure the system does not name it with a .txt or .text extension on the end of the file name. ClamWin can not process signature files with those 2 extensions, and it will give you an error upon scanning. The file should be named only Sigfile.mdb.
After you save the signature file, scan a file somewhere with ClamWin to make sure the signatures work okay—sometimes I can make a mistake. Delete this signature file from the database folder if the scan gives you an error. You can add the signatures to the top of an already existing MDB signature file. If you add to the bottom of an existing file, you will get a scanning error.
I usually keep these custom signatures for a month and then delete them from the database folder.
41984:bec78862503f332da1b461c295508c92:Win.Trojan.NimbleMamba-020922.1306
41984:bf8f7ae2078c9aa49f77fddba9046ee8:Win.Trojan.Agent-020922.1310
3108:eebffdbf4e6c120798320ae42b90cd38:Win.Trojan.Agent-020922.1313
41984:bf8f7ae2078c9aa49f77fddba9046ee8:Win.Trojan.NimbleMamba-020922.1316
Regards,
|
|
 |
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by
phpBB © phpBB Group
Design by
phpBBStyles.com |
Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.