Jump to content
Tiergan

Video game titled "Hades" marked as ransomeware.

Recommended Posts

I downloaded and am playing a game called "Hades" that is installed via the Epic Games launcher.  Malwarebytes shutdown my game in the middle of play and flagged it as ransomware.  Doing a bit of googling, I found out there's actually some ransomware with the same name.  Attached the log.

hades_game_malwarebytes.txt

Share this post


Link to post
Share on other sites

I can't. I suddenly don't have permission to zip the file. Did malwarebytes change my permissions when it blocked it as ransomware?

Share this post


Link to post
Share on other sites

Is there no way at all I can tell Malwarebytes to unblock or whitelist it? 

Share this post


Link to post
Share on other sites

Hi,

Just temporary disable the antiransomware component. You can do this via the system tray, right click the malwarebytes icon and select to disable antiransomware.

 

Then add the file to your exclusions:

* To add the exclusion, open Malwarebytes > Settings > Exclusions tab

* Below, click the button: "Add Exclusion"

* Then, select "Exclude a File or Folder" (this should be prechecked already by default)

* Click Next

* You'll see a field that says: "Specify a File or Folder" - there, click the button "Select Files..." and browse to the file you want to exclude.

* For "How to Exclude", select: "Exclude from detection as malware, ransomware or potentially unwanted item" (this is normally also selected by default already)

* Then click the OK button below.

 

Then reboot, as that unlocks the file again, so you can zip and attach it.

Then enable malwarebytes antiransomware again.

Share this post


Link to post
Share on other sites

Here's the zip. Thank you.  The game is still in Early Access so it will be updating periodically.

Hades.zip

Share this post


Link to post
Share on other sites

Thanks.

This is a false positive indeed - behavorial detection. This is whitelisted now.

 

Share this post


Link to post
Share on other sites

You may have whitelisted this, but I just had Hades (game) locked as ransomware too. (Oct 29, 2019), so it's apparently broken again.

Share this post


Link to post
Share on other sites

Hi,

Please see above how to add an exclusion.

Additionally, Please zip and attach the exact file that was blocked, as it might be different than above one.

Thanks!

Share this post


Link to post
Share on other sites

It's the same game as the post above. When it happened, I googled it and that's how i got this thread. That said, the game has updated a number of times since August, so the exe has no doubt changed. The game is sold by Epic Games, and has both 32-bit and 64-bit exe's. I've attached both. I renamed the files accordingly, but both files actual name is hades.exe

 

thanks

hades false positive.zip

Share this post


Link to post
Share on other sites

Here's the report that MBAM generated:

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 10/29/19
Protection Event Time: 4:09 PM
Log File: 0479d250-fa88-11e9-b777-7085c23887fd.json

-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.629
Update Package Version: 1.0.13107
License: Premium

-System Information-
OS: Windows 10 (Build 18362.418)
CPU: x64
File System: NTFS
User: System

-Ransomware Details-
File: 1
Malware.Ransom.Agent.Generic, Z:\Epic\Hades\x64\Hades.exe, Blocked, [0], [392685],0.0.0


(end)

Share this post


Link to post
Share on other sites

Thanks.

It was the 64bits version that was whitelisted before. I've now whitelisted the 32bits version.

This should no longer be detected anymore.

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.