 | MDB Signature For French Trojan.Varenyky |  |
GuitarBob
Joined: 09 Jul 2006 |
Posts: 9 |
Location: USA |
|
 |
Posted: Sun Aug 18, 2019 6:47 pm |
|
 |
 |
 |
 |
Varenyky is a trojan seen earlier this month targeting French users. It is a spambot that is sent via email attachment (usually MS Word). The trojan can engage in sextortion, send spam, steal passwords, copy user screens, and is under further development to do more evil. Clam AV alrteady has a signature for the current trojan downloader. Below is an MDB file for a few of the latest versions of the malware itself.
Copy the MDB signature(s) to a Notepad file and save it in the ClamWin db program data folder or add the signature(s) to an existing MDB file you may already have there. Do not save the file with a .txt or .text extension on the end of the name. Save it as Sigfile.mdb (select file type All Files to prevent the .txt or .text at the end of the filename), otherwise ClamWin will be unable to recognize a text file as a signature. MDB signatures identify important parts of a malware file and will last until the next version of the malware comes out, but parts of old versions can be reused, so an MDB signature could last from a week to a month.
6620672:317c7d38197f6aaf60d837beed5fd13a:Win.Trojan.Varenyky-081819.1324
6629376:a2b192400e7ebe55b4472bb19aa42310:Win.Trojan.Varenyky-081819.1322
6621184:bfb1dd983869999b720e29199087822c:Win.Trojan.Varenyky-081819.1319
Regards,
|
|
 |
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by
phpBB © phpBB Group
Design by
phpBBStyles.com |
Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.