Today I came across this older blog post (almost 10 years old at this point!) about a simple method you can use to create your won Anti-Virus signatures with ClamAV.
The article has a nice walk through of how to dump an attachment out of an email, how to write a simple ndb signature to detect it, and how to deploy it. I thought this was fairly simple and well done, so I wanted to share.
If you are interested in creating your own detection, this article is worth checking out.
If you want to proceed a step further and submit those signatures back to us, we'll take a look as well, and if you submit the most in a month, we'll send you some nice swag!