Jump to content
JamesWaffle

Webhook processor flagged as malware

Recommended Posts

Spoiler

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 12/21/18
Scan Time: 6:40 PM
Log File: 5427980a-052e-11e9-8703-d017c2155c19.json

-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.508
Update Package Version: 1.0.8425
License: Premium

-System Information-
OS: Windows 10 (Build 17134.472)
CPU: x64
File System: NTFS
User: DESKTOP-SPVHB8T\User

-Scan Summary-
Scan Type: Custom Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 1
Threats Detected: 1
Threats Quarantined: 0
Time Elapsed: 0 min, 41 sec

-Scan Options-
Memory: Disabled
Startup: Disabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
Generic.Malware/Suspicious, C:\USERS\USER\DOWNLOADS\NACSPAM.EXE, No Action By User, [0], [392686],1.0.8425

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

Scan log is above in the spoiler

Program simply sends text to a webhook

I am almost certain that it is not malware.

NacSpam.zip

Share this post


Link to post
Share on other sites

Hi,

Thanks for reporting. This is indeed a false positive. This will be fixed.

Sidenote, other avs do detect this as well, but that's probably because of the way how it works (sending txt to a webhook), which is often seen as suspicious.

Share this post


Link to post
Share on other sites
17 minutes ago, miekiemoes said:

Hi,

Thanks for reporting. This is indeed a false positive. This will be fixed.

Sidenote, other avs do detect this as well, but that's probably because of the way how it works (sending txt to a webhook), which is often seen as suspicious.

Thanks for the help

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.