Feather Wallet - FALSE POSITIVE

[Monero]

Feather Wallet is legitimated Monero cryptocurrency wallet which I have used for a long time but recently it started getting deleted by Kaspersky Antivirus.

You can find it on https : // featherwallet . org /, download, test it, and please update your database ASAP!

Quote

Event: Malicious object detected
Application: feather.exe
User: XXXXXXXXXX
User type: Active user
Component: System Watcher
Result description: Detected
Type: Trojan
Name: PDM:Trojan.Win32.Generic
Threat level: High
Object type: Process
Object path: c:\program files\feather wallet
Object name: feather.exe
Reason: Databases
Databases release date: Yesterday, 16/09/2022 11:50:00

 

[harlan4096]

https://www.virustotal.com/gui/url/dd7979cede543d24ced80fcdff0d448262d27b4f28a7742aa91f98aa7616106e

 

?

[Flood and Flood's wife]

Hi @harlan4096, 

1. Not deleted, assigned Low Restricted, in KTS app control (image 1). 
2. Also, Unknown &, fewer than 100 users, according to KSN (image 2).
3. From the exe: VirusTotal - File - 0affc3e7ba24d0def89b47494abd70d9c2e726556b457c0fbb4e2ef1bb28d8f3

Spoiler

Spoiler

Thank you?
Flood?+?

Edited September 17, 2022 by Flood and Flood's wife

[harlan4096]

I've already reported the URL and also the installer to K. analysts, waiting for the final verdict.

 

https://opentip.kaspersky.com/0AFFC3E7BA24D0DEF89B47494ABD70D9C2E726556B457C0FBB4E2EF1BB28D8F3/results?tab=upload

[harlan4096]

Quote

 

Hello,

This is a false positive of the PDM module.
Detection will disappear within 24 hours.
Thank you for your help.

Sincerely, Alexander
Malware Analyst
39A/3 Leningradskoe Shosse, Moscow, 125212, Russia Tel./Fax: + 7 (495) 797 8700 http://www.kaspersky.com https://securelist.com
https://opentip.kaspersky.com/ - get insights about suspicious files, hashes, URLs, IP addresses or domain names