MDB Signature For Emotet Banking Trojan
GuitarBob
Joined: 09 Jul 2006 | Posts: 9 | Location: USA
Posted: Fri Feb 15, 2019 1:39 am

The Emotet banking trojan may be one of the worst pieces of malware around just now. It has recently been updated to do much more than steal banking credentials/information. Command and control is now in the USA. The current version has been updated to hide in an XML file within a Microsoft Word Document file in order to evade anti-malware. Below is an MDB signature for one of the two payloads. ClamAV has a signature for the other payload.
Copy the signature to a Notepad file and save it in the ClamWin db program data folder. When you save the file, do not save it with a .txt or .text on the end. Just save it as Sigfile.mdb (select type All Files to prevent the .txt or .text at the end of the filename), otherwise ClamWin will not recognize it as a signature. The MDB signatures are for important parts of a malware and will last until the next version of the malware comes out--usually in a couple of weeks, but some malware authors reuse the same part again, so this signature might last for a month or so.
122880:092aae4d09a26caed59423e9ecf1c0f8:Win.Trojan.Emotet-021419.1929
Regards,
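
An added example, not part of the original post and not ClamWin or ClamAV code: a small Python check to run on the saved file, covering the stray .txt extension the post warns about and a malformed entry. The function names and the plain-ASCII rule are assumptions of this example, and it accepts only the three-field size:MD5:name form shown above.

```python
import re

# One .mdb entry as used in the post: PESectionSize:PESectionMD5:MalwareName
MDB_LINE = re.compile(r"^(\d+):([0-9a-fA-F]{32}):([A-Za-z0-9._-]+)$")

def check_filename(name):
    """Return a list of problems with the signature file's name."""
    problems = []
    lower = name.lower()
    if lower.endswith((".mdb.txt", ".mdb.text")):
        problems.append("Notepad appended a text extension; rename to end in .mdb")
    elif not lower.endswith(".mdb"):
        problems.append("file name must end in .mdb")
    return problems

def parse_line(line):
    """Parse one entry into (section_size, md5_hex, name) or raise ValueError."""
    m = MDB_LINE.match(line.strip())
    if not m:
        raise ValueError("expected PESectionSize:MD5:MalwareName")
    size, digest, name = m.groups()
    return int(size), digest.lower(), name

def check_sigfile(name, data):
    """Validate the file name and raw bytes; return (entries, problems)."""
    problems = check_filename(name)
    entries = []
    try:
        text = data.decode("ascii")
    except UnicodeDecodeError:
        # Assumption of this example: entries are plain ASCII, so a BOM or
        # UTF-16 output from Notepad is reported instead of being parsed.
        return entries, problems + ["file is not plain ASCII; re-save as ANSI"]
    for number, line in enumerate(text.splitlines(), start=1):
        if not line.strip():
            continue  # blank lines carry no entry
        try:
            entries.append(parse_line(line))
        except ValueError as err:
            problems.append(f"line {number}: {err}")
    return entries, problems

if __name__ == "__main__":
    # The signature line from the post, with Notepad's CRLF line ending.
    sig = b"122880:092aae4d09a26caed59423e9ecf1c0f8:Win.Trojan.Emotet-021419.1929\r\n"
    print(check_sigfile("Sigfile.mdb.txt", sig))  # flags the extension
    print(check_sigfile("Sigfile.mdb", sig))      # no problems
```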
All times are GMT