Jump to content

Malware.AI.3710351876


hainam

Recommended Posts

Dear support team,

we deliver our customer our selbst written tool, which is compiled from Python to *.exe for Windows user with PyInstaller.

Now it was recorded by you and VirusTotal as a Malware. 

https://www.virustotal.com/gui/file/c03c8d07571f6aba7794a1a36fa17d406fe0eabb672c6974cca9df900be58e8f/detection

The tool is: gemma-client.1.3.77+patched_signed.exe

We have also signed it and also recompiled the PyInstaller as a workaround, but it didn't work.

Could you please whitelist our tool?

For further information, please let us know!

Many thanks!

Hai Nam

Some metadata of the tool which was scanned by VirusTotal

Basic properties

MD5
151d17e773811e812d86220c443832f8
SHA-1
fc76755d0f2c554e2197215947c68227b9bd6beb
SHA-256
c03c8d07571f6aba7794a1a36fa17d406fe0eabb672c6974cca9df900be58e8f
Vhash
0860b76d1565151c0d1d1048z33nzefz
Authentihash
3edd282bc0f0a22cca63a0f90b8db6850556105a771a5a623322a8e853aef3a9
Imphash
d541c786e25e00638e7f09b36c0cdcc3
SSDEEP
196608:Y9ALEPKtKXE1sP7c/KW2OYWQx7cf+3o8WzPF2XzqyBDGkw:OfPKE0iJfbJxofSHm2XzP4kw
TLSH
T1119633AA62E10B16E027D539C087C6317BF071FC1AA5AD1A29DDE1732DD79418F3C86B
File type
Win32 EXE 
executable
windows
win32
pe
peexe
Magic
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
TrID
Win64 Executable (generic) (44.4%)   Win16 NE executable (generic) (21.3%)   Windows Icons Library (generic) (8.7%)   OS/2 Executable (generic) (8.5%)   Generic Win/DOS Executable (8.4%)
Magika
PEBIN
File size
8.30 MB (8706928 bytes)


History

Creation Time
2024-09-19 07:27:30 UTC
First Submission
2024-09-19 12:02:55 UTC
Last Submission
2024-09-19 13:04:36 UTC
Last Analysis
2024-09-19 12:31:01 UTC


Names

gemma-client.1.3.77+patched_signed_cp.exe
gemma-client.1.3.77+patched_signed.exe


Signature info

Signature Verification
Signed file, valid signature


Signers

Revvity, Inc.
Entrust Extended Validation Code Signing CA - EVCS2
Entrust Code Signing Root Certification Authority - CSBR1
Entrust.net


Counter Signers

Entrust Timestamp Authority - TSA2
Entrust Time Stamping CA - TS2
Entrust Code Signing Root Certification Authority - CSBR1
Entrust.net

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.