Jump to content

Quake map decompiler - winbspc.exe


stoo

Recommended Posts

Quake map decompiler: winbspc.exe is being falsely detected as malware.

Log file below:

124b4a1c-b643-11eb-97f4-382c4a73d501.json

69934028FAEE83B41AB853A8B14265D2A8E44D29C1C7F8235C121AECD8F02CF4
{
   "applicationVersion" : "4.3.0.98",
   "chromeSyncResetQueryRequested" : false,
   "chromeSyncResetQueryResult" : false,
   "clientID" : "f13f987e-85e6-11ea-99dd-382c4a73d501",
   "clientType" : "scheduledScan",
   "componentsUpdatePackageVersion" : "1.0.1292",
   "coreDllFileVersion" : "3.0.0.1120",
   "cpu" : "x64",
   "dbSDKUpdatePackageVersion" : "1.0.40476",
   "detectionDateTime" : "2021-05-16T12:34:35Z",
   "fileSystem" : "NTFS",
   "id" : "124b4a1c-b643-11eb-97f4-382c4a73d501",
   "isUserAdmin" : true,
   "licenseState" : "licensed",
   "linkagePhaseComplete" : true,
   "loggedOnUserName" : "System",
   "machineID" : "",
   "os" : "Windows 10 (Build 19042.985)",
   "schemaVersion" : 18,
   "sourceDetails" : {
      "aggressiveMode" : false,
      "clientMetadata" : {
         "jobId" : "",
         "scheduleId" : "",
         "scheduleTag" : ""
      },
      "ddsigEnabled" : true,
      "filesScannedByIG" : 18,
      "objectsScanned" : 412187,
      "scanEndTime" : "2021-05-16T12:45:33Z",
      "scanOnlineStatus" : "online",
      "scanOptions" : {
         "pumHandling" : "detect",
         "pupHandling" : "detect",
         "scanArchives" : true,
         "scanFileSystem" : true,
         "scanMemoryObjects" : true,
         "scanPUMs" : true,
         "scanPUPs" : true,
         "scanRookits" : false,
         "scanStartupAndRegistry" : true,
         "scanType" : "threat",
         "useHeuristics" : true
      },
      "scanResult" : "completed",
      "scanStartTime" : "2021-05-16T12:34:35Z",
      "scanState" : "completed",
      "shurikenEnabled" : true,
      "type" : "scan"
   },
   "threats" : [
      {
         "ddsSigFileVersion" : "01247723",
         "linkedTraces" : [

         ],
         "mainTrace" : {
            "archiveMember" : "",
            "archiveMemberMD5" : "",
            "cleanAction" : "ignore",
            "cleanContext" : {
            },
            "cleanResult" : "ignored",
            "cleanResultErrorCode" : 0,
            "cleanTime" : "2021-05-16T12:47:28Z",
            "generatedByPostCleanupAction" : false,
            "hubbleRequestErrorCode" : 0,
            "id" : "96cfe21a-b644-11eb-b852-382c4a73d501",
            "igExitCode" : "0x00010001",
            "isPEFile" : true,
            "isPEFileValid" : true,
            "linkType" : "none",
            "objectMD5" : "7BA3DCD1A6083E64AAE013A3D47AE224",
            "objectPath" : "C:\\USERS\\STOO\\DESKTOP\\QUAKE2021\\WINBSPC\\WINBSPC.EXE",
            "objectSha256" : "5F46E7BA4BFF814C67FE2D4A2FDF2454DDA822FC80BE8180C613DEC0BB87482A",
            "objectSize" : 108032,
            "objectType" : "file",
            "resolvedPath" : "C:\\Users\\stoo\\Desktop\\quake2021\\winbspc\\winbspc.exe",
            "suggestedAction" : {
               "archiveDir" : false,
               "chromeExtensionOther" : false,
               "chromeExtensionPreferences" : false,
               "chromeExtensionSecurePreferences" : false,
               "chromeExtensionSyncData" : false,
               "chromeUrlOther" : false,
               "chromeUrlSecurePreferences" : false,
               "chromeUrlSyncData" : false,
               "chromeUrlWebData" : false,
               "disableHubbleWhiteListing" : true,
               "disableSignatureWhiteListing" : true,
               "fileDelete" : true,
               "fileReplace" : false,
               "fileTxtReplace" : false,
               "folderDelete" : false,
               "isChromeObject" : false,
               "isDDS" : true,
               "isDoppleganging" : false,
               "isExternalDetection" : false,
               "isPUP" : false,
               "isShuriken" : false,
               "isWMIEventConsumer" : false,
               "killProcess" : false,
               "minimalWhiteListing" : false,
               "moduleUnload" : false,
               "noLinking" : false,
               "physicalSectorReplace" : false,
               "priorityHigh" : false,
               "priorityNormal" : false,
               "priorityUrgent" : false,
               "processUnload" : false,
               "regKeyDelete" : false,
               "regValueDelete" : false,
               "regValueReplace" : false,
               "shortcutReplace" : false,
               "silentMode" : false,
               "singleDelete" : false,
               "treatAsRootkit" : false,
               "useDDA" : false,
               "verifyResolvedPath" : true,
               "whitelistCheckError" : false
            },
            "winVerifyTrustResult" : {
               "expectedError" : true,
               "lastErrorCode" : -2146762496,
               "wvtCalled" : true,
               "wvtResult" : -2146762496
            }
         },
         "ruleID" : 0,
         "ruleString" : "4",
         "rulesVersion" : "1.0.40476",
         "srcEngineComponent" : "dds",
         "srcEngineThreatNames" : [
            "Malware.Sandbox.4",
            "Malware.Heuristic.1004"
         ],
         "threatID" : 4,
         "threatName" : "Malware.Sandbox.4"
      }
   ],
   "threatsDetected" : 1
}

 

winbspc.zip

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.