Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 3 Mar 2016 10:44:22 +0200
From: Georgi Guninski <guninski@...inski.com>
To: oss-security@...ts.openwall.com, cypherpunks@...nks.org,
	debian-legal@...ts.debian.org
Subject: According to www.virustotal.com, lists.debian.org are hosting
 attachment .DOC virus

According to www.virustotal.com, lists.debian.org 
are hosting attachment .DOC virus.

Would someone confirm or deny this?

Warning:  DO NOT OPEN THE .DOC!
Discalimer: Nothing personal against Debian

https://lists.debian.org/debian-consultants/2016/01/msg00000.html
links to:

https://lists.debian.org/debian-consultants/2016/01/docyrW4BlUhzH.doc

Submitting the last .doc URL at:
https://www.virustotal.com
and then going to:
Go to downloaded file analysis
gives:
https://www.virustotal.com/en/file/c7210dc26e00a0d9f9bf8fb3b4850d52b62bb5836a7fa34bb669fc1b1553005e/analysis/1456991242/

SHA256: 	c7210dc26e00a0d9f9bf8fb3b4850d52b62bb5836a7fa34bb669fc1b1553005e
File name: 	docyrW4BlUhzH.doc
Detection ratio: 	17 / 54

the first few results are:
AVG 	W97M/Downloader 	20160303
AVware 	Trojan-Downloader.O97M.Adnel.n (v) 	20160303
AegisLab 	W97M.Gen!c 	20160303
Arcabit 	HEUR.VBA.Trojan.e 	20160303
Avast 	VBA:Downloader-ABC [Trj] 	20160303
ESET-NOD32 	VBA/TrojanDownloader.Agent.AOM 	20160303

and some report it as clean.

The .doc is downloadable with the same checksum.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ