On malshare.com a not small amount of potential dangerous files are uploaded everyday.
At the same time many of the submitted samples are not submitted to ClamAV. To change this, this site was created: On demand malshare.com's newest signaures are downloaded and converted to ClamAV's hash-based signature format.
MalShare provides the hashes without names so the signatures are named in the format MalShare.YYYYMMDD.number. ClamAV suffixes those names with .UNOFFICIAL
Daily signatures have an additional "c" in the number.
Full database (excluding today's signatures; over one million signatures as of 2018-01-04):
Current database (only today's signatures):
As freshclam does not support https it is impossible to download the custom database securely. Best would be to use an external tool like curl or wget. Many environments do already provide on of the listed tools.
For regular updates i.e. put this in your update user's crontab:
0 0 * * Sun wget -q https://sbiewald.de/api/malshare/MalShare.hdb -O /path/to/db/folder/MalShare.hdb
This will fetch the latest database every sunday.
An increase of the update frequency is not recommended. Please also note that the freshly downloaded database is not tested to work. Test the database before using!
To automatically download the MalShare database with freshclam add following line to your freshclam.conf:
ClamAV sadly does not support https. To download the databas securely, see manual setup. Also ClamAV does not update the installed database. To trigger a new download the old database must be removed.
It is possible to install the conversion server on own servers and integrate it in the own infrastructure. For an easy installation within Python execute following command:
pip3 install git+https://github.com/Varbin/malshare_db
Please see the command line references
The code can be found on GitHub: Varbin/malshare_db.
This site has no connection to The Silent Sigma Foundation (operator of malshare.com).
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.