Good Day
I ran a malware scan of my PC and it flagged "BLAT3219_32.FULL.ZIP" as RiskWare.Agent which was downloaded from https://sourceforge.net/projects/blat/files/Blat%20Full%20Version/32%20bit%20versions/Win2000%20and%20newer/ (has been around since 2017-11-20)
The strange thing is, that the Malware-bytes didn't seem to have a issue with the zip file contents which which had also been extracted.
Norton didn't seem to have a issue with it; but virustotal.com threw up a few alerts https://www.virustotal.com/#/file/cd026e10a6a8d2e164e67e859b058dc4642121f8e12075d1db980eafe1e7462d/detection (NotAVirus, Unsafe, Trojan>blat, Win32/Virus.b23)
So just wondering the following:
Why the zip file was flagged; but the extracted EXE was not?
Any details on why Blat was put into the RiskWare.Agent classification?
I've read this https://blog.malwarebytes.com/detections/riskware-agent already
Is Blat in the "RiskWare.Agent" classification because it one of its uses could be to send spam STMP mail via a batch? Similar to a gun being good or bad depending on its use; or does blat expose me to something dangerous? If its just the intended use, then this is ok, as I use it to send email alerts on different batch job result (backup space, backups complete, etc)
I just want to make sure the risk is that Blat could be used for bad stuff (if I chose to), and not that its a "active threat!"
Thanks
Paul