
Maybe Virus



This is not the place to post possibly malicious files.

This is the place to seek one-on-one assistance where one believes his/her computer is infected.

Malware or possible malware is only submitted in the Research Center. There are multiple submission queues, each with a particular goal, and each has some level of requirements in how the malware is to be submitted.

All viruses are malware but not all malware are viruses. A 19MB Java Jar is not going to be a virus. If the Java Jar was malicious, it would be a trojan.

In this case it is not a malicious file and seems to be associated with Minecraft.

https://www.virustotal.com/en/file/cf3daa679629572dd0dc48516a9f00f5b2fec36e2d8b2ccdcfb3d21ee1b4bc27/analysis/1489336149/

 

Malwarebytes' Anti-Malware (MBAM) does not target scripted malware files. That means MBAM will not target: JS, JSE, PY, HTML, HTA, VBS, VBE, WSF, CLASS, SWF, SQL, BAT, CMD, PDF, PHP, etc.
It also does not target documents such as: PDF, DOC, DOCx, XLS, XLSx, PPT, PPS, ODF, RTF, etc.
It also does not target media files: MP3, WMV, JPG, GIF, etc.

Until MBAM v1.75, MBAM could not access files in archives, but with v1.75 came that ability, so it can unarchive a Java Jar (which is a PKZip file), but it won't target the .CLASS files within. The same goes for CHM files (which are PKZip files), but it doesn't target the HTML files within. MBAM v1.75 and later specifically will deal with ZIP, RAR, 7z, CAB and MSI for archives, and self-extracting ZIP, 7z, RAR and NSIS executables (aka SFX files).

MBAM specifically targets binaries that start with the first two characters being: MZ
They can be EXE, CPL, SYS, DLL, SCR and OCX. Any of these file types can be renamed to be anything, such as TXT, JPG, CMD and BAT, and they will still be targeted just as long as the binary starts with 'MZ'.

MZ-binary.jpg

 

 

Edited by David H. Lipman
Edited for content, clarity, spelling and grammar
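
The content-over-extension idea in the post above, as an added Python example (not part of the original post and not Malwarebytes' code): it classifies a file by its leading bytes, so a renamed 'MZ' binary is still recognised and a Jar shows up as a PKZip archive. The function names and sample bytes are constructed for illustration, and the PE-signature confirmation at offset 0x3C goes beyond the two-byte 'MZ' check the post describes.

```python
import io
import struct
import zipfile

# Extensions the post lists for 'MZ' binaries.
PE_EXTENSIONS = {"exe", "cpl", "sys", "dll", "scr", "ocx"}


def classify(data: bytes) -> str:
    """Classify content by its leading bytes, ignoring the file name."""
    if data[:2] == b"MZ":
        # Offset 0x3C of the DOS header holds the little-endian offset
        # of the 'PE\0\0' signature in a Windows PE file.
        if len(data) >= 0x40:
            (pe_off,) = struct.unpack_from("<I", data, 0x3C)
            if data[pe_off:pe_off + 4] == b"PE\0\0":
                return "pe"
        return "mz"  # 'MZ' prefix only: DOS stub or truncated file
    if data[:4] == b"PK\x03\x04":
        return "zip"  # PKZip local file header, e.g. a Java Jar
    return "other"


def is_renamed_binary(name: str, data: bytes) -> bool:
    """True when content starts with 'MZ' but the extension hides it."""
    ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    return classify(data) in ("pe", "mz") and ext not in PE_EXTENSIONS


def make_pe_stub() -> bytes:
    """Constructed sample: a 64-byte DOS header plus the PE signature."""
    return b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40) + b"PE\0\0"


def make_jar() -> bytes:
    """Constructed sample: an in-memory Jar holding one dummy .class entry."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        jar.writestr("Example.class", b"\xca\xfe\xba\xbe")
    return buf.getvalue()


if __name__ == "__main__":
    for name, data in [("MZ-binary.jpg", make_pe_stub()),
                       ("setup.exe", make_pe_stub()),
                       ("mod.jar", make_jar())]:
        print(name, classify(data), is_renamed_binary(name, data))
```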