Jump to content
hendrikus

Possible false positive Malware?

Recommended Posts

So I used MemoryUI loader almost a year ago for a Android emulator hack and it wasn't detected as anything bad back then.

 

Tried the latest version of the program on there website yesterday for different reasons and it quarantined the .exe

Would be nice to know if this is a false positive since I didn't have any problems with it almost a year back.

I hope the file is still intact since Norton was also flagging it, but I know Norton is a bit hyper sensitive.

 

File.zip

Share this post


Link to post
Share on other sites

Nvm now it suddenly does.. Here: hxxps://memorydownloader.net/

Edited by dcollins
Removed live link

Share this post


Link to post
Share on other sites
22 hours ago, hendrikus said:

Nvm now it suddenly does.. Here: hxxps://memorydownloader.net/

The program has a malicious trojan code and is not recommended to use the program.

Virustotal

OWZhYzBhZDhjM.7z

Edited by dcollins

Share this post


Link to post
Share on other sites

It appears that most if not all of the detections on VirusTotal are heuristics/generic hits/detections, meaning the file could actually be malicious or it could just have one or more characteristics that make it appear to be malware such as using a particular kind of compression/encryption (a packer, which many of the detection names appear to indicate) and since a packer can be used for any kind of file, including malware but also safe files, this might in fact be a false positive.  While there are certain packers known to be used by malware authors quite often, it isn't impossible for a developer who isn't creating malware to also use the same one so this isn't the most reliable means of identifying a file as malware (though virtually all security vendors do it in order to play it safe as they'd rather have 1 false positive than allow a lot of malicious files to go undetected).  Once the Malwarebytes Research team has analyzed the file they will classify the item accordingly and whitelist it if it isn't a threat.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.