Jump to content

Recommended Posts

I'd uploaded an hex editor's exe to VT (https://virustotal.com/en/file/b6d5b7cda46209a0aa4857f7c0993e1ef2402233ea953fe8e80e73201d1846fd/analysis/1502210954/). It's a benign file but getting detected only by MB (signature: trojan.bayrob.generic) , all other AVs saying it clean.

There is another benign exe file (i can't upload to it VT or share here) which is also getting flagged with locally installed MB (version: Malwarebytes 3.1.2.1733) under the same signature, bayrob.
Could you please check this signature, under which cases this got a hit. Either this signature is about to retire or having severity ? Please help.

 

Link to post
Share on other sites

@shadowwar, when next update will be available for locally installed MB?
Either you'll whitelist the MD5 or will be fixing these FPs by changing the rule for this signature?
 I think rule should be modified or something that work in longer run instead of MD5.

Thanks for all help :)

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.