 | New Grand Crab Ransom Version Attacking South Korean Users |  |
|
GuitarBob
| Joined: 09 Jul 2006 |
| Posts: 9 |
| Location: USA |
|
|
 Posted: Wed Aug 22, 2018 4:00 pm |
|
 |
 |
|
|
If there are any South Korean ClamWin users, there is a new version of the Grand Crab ransomware that is attacking that country. The malware is in .EGG archive files, so you should include *.egg in your list of extensions for ClamWin to scan. Clam AV has a signature for the main executable, but it does not have signatures for a couple of link files that are also involved. Copy the signatures below into a Notepad file and save it as Sigfile.hdb. Do not save it as a text file. Paste the Sigfile.hdb into the ClamWin DB folder. Keep it for about 4 weeks, and then delete it--by then there will probably be a new version of the malware.
37795ac41c9b35035457a927978fcdd3:1163:Win.Trojan.Agent-082218.1044
8e5f4903cad2b129eef0beb7001db3d7:133081:Win.Trojan.Agent-082218.1048
Regards,
|
|
|
 |
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by
phpBB © phpBB Group
Design by
phpBBStyles.com |
Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.
