Jump to content
Kaspersky Support Forum

Question file malware or no?

carlos88

By carlos88
in Virus and Ransomware related questions

 Share

Recommended Posts

carlos88

carlos88

Posted
Posted

Is this Burn_Card_Maker.exe file malware or a false positive? My file in VT had 3 detections, OpenTip Kaspersky cleaned it, and in the hybrid analysis Falcon Sandbox Reports result it was malicious.

https://www.virustotal.com/gui/file/91c707f73b4a0d13d4ad0906ea9cee5925c2fa59c7f54c1d88375c81238d7d1f

https://hybrid-analysis.com/sample/91c707f73b4a0d13d4ad0906ea9cee5925c2fa59c7f54c1d88375c81238d7d1f

https://opentip.kaspersky.com/91C707F73B4A0D13D4AD0906EA9CEE5925C2FA59C7F54C1D88375C81238D7D1F/results?tab=upload

Another person downloaded the file with the same name Burn_Card_Maker.exe other hash and it wasn't detected in VT.

https://www.virustotal.com/gui/file/51174dd7afff02a15084913a1af83469f827d40dfdd8de2bd6f13921b6c5bb88

 

carlos88

carlos88

Posted
  • Author
Posted (edited)

Yes, but nobody answered that last question: why does one same file have 0 detections and another my file has 3 detections in VT?

Edited by carlos88
harlan4096

harlan4096

Posted
Posted

1st link, already replied in MWT, I sent that file to K. analysts, and They said it's clean, those VT detections are false positives.

 

2nd link, nothing to comment, looks clean.

 

Both are different files, same name.

  • Like 1
harlan4096

harlan4096

Posted
Posted

That link it's the file I sent to K. analysts... in general, for now, I better trust a human verdict than an automatic verdict, that often may be quite paranoid.

  • Like 1
carlos88

carlos88

Posted
  • Author
Posted

Human truth is more reliable, but I don't know what it is Falcon Sandbox Reports

 

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing


×
×
  • Create New...