Varenyky is a trojan seen earlier this month targeting French users. It is a spambot that is sent via email attachment (usually MS Word). The trojan can engage in sextortion, send spam, steal passwords, copy user screens, and is under further development to do more evil. Clam AV alrteady has a signature for the current trojan downloader. Below is an MDB file for a few of the latest versions of the malware itself.

Copy the MDB signature(s) to a Notepad file and save it in the ClamWin db program data folder or add the signature(s) to an existing MDB file you may already have there. Do not save the file with a .txt or .text extension on the end of the name. Save it as Sigfile.mdb (select file type All Files to prevent the .txt or .text at the end of the filename), otherwise ClamWin will be unable to recognize a text file as a signature. MDB signatures identify important parts of a malware file and will last until the next version of the malware comes out, but parts of old versions can be reused, so an MDB signature could last from a week to a month.

6620672:317c7d38197f6aaf60d837beed5fd13a:Win.Trojan.Varenyky-081819.1324
6629376:a2b192400e7ebe55b4472bb19aa42310:Win.Trojan.Varenyky-081819.1322
6621184:bfb1dd983869999b720e29199087822c:Win.Trojan.Varenyky-081819.1319

Regards,