Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 3 Mar 2016 10:44:22 +0200
From: Georgi Guninski <guninski@...inski.com>
To: oss-security@...ts.openwall.com, cypherpunks@...nks.org,
	debian-legal@...ts.debian.org
Subject: According to www.virustotal.com, lists.debian.org are hosting
 attachment .DOC virus

According to www.virustotal.com, lists.debian.org 
are hosting attachment .DOC virus.

Would someone confirm or deny this?

Warning:  DO NOT OPEN THE .DOC!
Discalimer: Nothing personal against Debian

https://lists.debian.org/debian-consultants/2016/01/msg00000.html
links to:

https://lists.debian.org/debian-consultants/2016/01/docyrW4BlUhzH.doc

Submitting the last .doc URL at:
https://www.virustotal.com
and then going to:
Go to downloaded file analysis
gives:
https://www.virustotal.com/en/file/c7210dc26e00a0d9f9bf8fb3b4850d52b62bb5836a7fa34bb669fc1b1553005e/analysis/1456991242/

SHA256: 	c7210dc26e00a0d9f9bf8fb3b4850d52b62bb5836a7fa34bb669fc1b1553005e
File name: 	docyrW4BlUhzH.doc
Detection ratio: 	17 / 54

the first few results are:
AVG 	W97M/Downloader 	20160303
AVware 	Trojan-Downloader.O97M.Adnel.n (v) 	20160303
AegisLab 	W97M.Gen!c 	20160303
Arcabit 	HEUR.VBA.Trojan.e 	20160303
Avast 	VBA:Downloader-ABC [Trj] 	20160303
ESET-NOD32 	VBA/TrojanDownloader.Agent.AOM 	20160303

and some report it as clean.

The .doc is downloadable with the same checksum.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.