GuitarBob
Posted: Tue Feb 19, 2019 6:49 pm
There is a new trojan that is pretty sophisticated and it undergoes continuous development. It has a multi-stage infection sequence. The infection starts via an instant messenger. The target/endgame is unknown at present. ClamAV has a signature for the dropper.
Below is an MDB signature for this malware. Copy the signature to a Notepad file and save it in the ClamWin db program data folder. When you save the file, do not save it with a .txt or .text on the end. Just save it as Sigfile.mdb (select type All Files to prevent the .txt or .text at the end of the filename), otherwise ClamWin will not recognize it as a signature. The MDB signatures are for important parts of a malware and will last until the next version of the malware comes out--usually in a week or less, but some malware authors reuse the same part again, so this signature might last longer--at most for a month.
97792:3823f6544ed4528fd4ecf6932fb59d19:Win.Trojan.Rietspoof-021919.1223
Regards,
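
Added example, not part of the original post: a small Python check that a signature file is in the `PESectionSize:MD5:MalwareName` form that ClamAV uses for .mdb signatures and has the right file extension before it goes into the db folder. The function names and the `abc` test section are constructed for illustration, and the parser assumes a numeric size field.

```python
import hashlib
import re
from typing import List, NamedTuple

class MdbSig(NamedTuple):
    size: int   # PE section size in bytes
    md5: str    # MD5 of the section contents, lowercase hex
    name: str   # detection name reported on a match

# size:md5:name, e.g. the line given in the post above
_LINE = re.compile(r"^(\d+):([0-9a-fA-F]{32}):(\S+)$")

def parse_mdb_line(line: str) -> MdbSig:
    """Parse one .mdb line; raise ValueError if it is malformed."""
    m = _LINE.match(line.strip())
    if not m:
        raise ValueError(f"not a size:md5:name signature: {line!r}")
    return MdbSig(int(m.group(1)), m.group(2).lower(), m.group(3))

def filename_ok(filename: str) -> bool:
    """True only if the name really ends in .mdb (not .mdb.txt)."""
    return filename.lower().endswith(".mdb")

def section_matches(sig: MdbSig, section: bytes) -> bool:
    """True if a PE section's raw bytes match the signature."""
    return (len(section) == sig.size
            and hashlib.md5(section).hexdigest() == sig.md5)

def check_sigfile(filename: str, text: str) -> List[str]:
    """Return a list of problems; an empty list means the file looks usable."""
    problems = []
    if not filename_ok(filename):
        problems.append(f"{filename}: must end in .mdb to be loaded")
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue  # ignore blank lines left by the editor
        try:
            parse_mdb_line(line)
        except ValueError as exc:
            problems.append(f"line {n}: {exc}")
    return problems

if __name__ == "__main__":
    posted = "97792:3823f6544ed4528fd4ecf6932fb59d19:Win.Trojan.Rietspoof-021919.1223"
    print(parse_mdb_line(posted))
    print(check_sigfile("Sigfile.mdb.txt", posted + "\n"))
```

Because the match is on an exact section size and hash, any change to that section in a later build of the malware makes the signature stop matching.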