Jump to content

New domain. Hate to bother y'all.


Go to solution Solved by BjelakovicL,

Recommended Posts

Hey Malwarebytes team. In the last week we registered the new medicat USB domain.

 

It is now being flagged as malicious

 

medicatusb.com
	cdn.medicatusb.com
	url.medicatusb.com

 

This is seperate from the medicatusb.xyz I asked to be whitelisted.

 

WHAT DO YOU GUYS FIND THAT IS MALICIOUS. HOW DO I GET THIS FIXED.

 

 

 

Edited by TeMerc
Disabled links
Link to post
Share on other sites

  • Staff
21 minutes ago, MON5TERMATT said:

Hey Malwarebytes team. In the last week we registered the new medicat USB domain.

 

It is now being flagged as malicious

 

 

medicatusb.com
	cdn.medicatusb.com
	url.medicatusb.com

 

 

This is seperate from the medicatusb.xyz I asked to be whitelisted.

 

WHAT DO YOU GUYS FIND THAT IS MALICIOUS. HOW DO I GET THIS FIXED.

 

 

 

Detection path here: VirusTotal - URL - 4d77aa078064875dfe394d88f7945f95749a393b9cf05e3445dca0d20586057c

File detection: VirusTotal - File - d90fd4a826eea4713b67df9a3724bc17606a024a18e305a6a1317b7bfb3d81db

Link to post
Share on other sites

At this time I cannot remove the file completely from that website because the installer is hard coded to find the update at that url. however I have just changed the code so that it no longer pulls from that file and it should not be needed in about a month once the majority of users have updated to the newest version. 

 

I've also just quit trying to *****ing compile to a exe and we're just going to run batch scripts from now on. The batch script itself before being encoded to exe doesn't flag any antiviruses it's just the damn encoding tool.

 

I would love for this issue to get resolved because we were never running any malware in the first place and you can see that if you just look at the damn code on my GitHub.

 

Thanks a ton.......

Matt

Link to post
Share on other sites

NEW FILE DETECTION (actually a batch file, just renamed because i stupidly hardcoded the download because WGET.

https://www.virustotal.com/gui/file-analysis/YmZiYzhhYjE2ODEwMzZkMWJjZDE2MWE1ODc1YWU2NjA6MTY0MzMyNzE5OA==

 

AND THE (NOW CURRENT) VERSION GOING TO BE USED

https://www.virustotal.com/gui/file-analysis/ZDZhNGM5ZTNkZDY5ZTdiZDhhNjlhMjY3ZTE5OWNiZTU6MTY0MzMyNzI3Ng==

Link to post
Share on other sites

5 minutes ago, MON5TERMATT said:

A quick FYI.

Malwarebytes does not detect bat files. The only thing is if it connects to a detected domain or IP it might get blocked.

Link to post
Share on other sites

Im not saying you did, im saying now that the new file is batch and not a Sussy Wussy EXE that this whole crap is over

because it contacts the domain but its a catch 22 because in order to clear the domain the file needs to be gone....

 

however the new BAT doesnt trigger any A/V's

edit: that was cringe. ignore the sus reference

Edited by MON5TERMATT
Link to post
Share on other sites

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.