Jump to content
Kaspersky Support Forum

Sample of suspicious file not detected by Kaspersky

citoservices
 Share

Recommended Posts

citoservices

citoservices

Posted
Posted

I have a file that was sent to me from a client whose notebook was infected.

I scanned the file with Kaspersky and Kaspersky informs me that no malicous objects were detected, but that info is incorrect.

The file is malicious.

In the past we could submit files to Kaspersky with our email and receive a response.

I can no longer find this feature anywhere.

Here is a link to a URL that describes what the malicious file contains.

https://www.hybrid-analysis.com/sample/ee7a36e3cdeb1a96908f4ac1c4cc700c95d62491ad6a2fffc0997ce40bfe7638/64749e69d96de4c94f0c0b9d

Link to comment
Share on other sites
citoservices

citoservices

Posted
  • Author
Posted (edited)
On 6/1/2023 at 6:32 PM, harlan4096 said:

Welcome to Kaspersky Community.

 

You can send samples to Kaspersky via this site: KOTIP

 

Log in with Your My Kaspersky credentials, upload the file, when get the verdict, then click on the button to send and fill up the form with Your email address and the comments.

Thanks for your response.

I used the KOTIP link before I created this thread. I uploaded the file and sent it for analysis, but the "cog" on the screen just went round and round and round, I left it for several hours with no feedback from the webpage to tell me if it completed or not.

The file is still not being detected by Kaspersky.

I will use MyKaspersky to send the file.

What I dont understand is why we should have to jump between portals to do this. We should be able to upload files from the "Business Hub" directly (https://cloud.kaspersky.com).

If its possible from the "Business Hub" then i have no found where it is ............

I have tried again to the KOTIP portal, this time I have signed in. "Analyzing..." cog is going round and round ...

Edited by citoservices
Link to comment
Share on other sites
harlan4096

harlan4096

Posted
Posted
Quote

but the "cog" on the screen just went round and round and round, I left it for several hours with no feedback from the webpage to tell me if it completed or not.

Maybe something blocking the KOTIP site in Your browser ?

 

Ok, then Submit object for reanalysis, and type Your email address to get a final verdict from analysts.

Link to comment
Share on other sites
Flood and Flood's wife

Flood and Flood's wife

Posted
Posted
47 minutes ago, citoservices said:

1. It completed! Says its "clean", but I really doubt that!

2. What I don't understand is why we should have to jump between portals to do this. We should be able to upload files from the "Business Hub" directly

Hello @citoservices

Also: 

1. Virus Total report for that hash:

image.thumb.jpeg.5e72ca34d16b4bfa6492721484f5cdff.jpeg

2. IF (you're) having an issue with Kaspersky Business Hub portal?, contact: https://companyaccount.kaspersky.com/account/login: customer support service for corporate clients of Kaspersky. 

Thank you?
Flood?+?

Link to comment
Share on other sites
citoservices

citoservices

Posted
  • Author
Posted
On 6/8/2023 at 5:24 AM, Flood and Flood's wife said:

Hello @citoservices

Also: 

1. Virus Total report for that hash:

image.thumb.jpeg.5e72ca34d16b4bfa6492721484f5cdff.jpeg

2. IF (you're) having an issue with Kaspersky Business Hub portal?, contact: https://companyaccount.kaspersky.com/account/login: customer support service for corporate clients of Kaspersky. 

Thank you?
Flood?+?

Kaspersky still does not detect this file as being malicious ?? What could be the reasons for that ?? Ive always trusted Kaspersky as the premier AV, have been using Kaspersky products for almost two decades now...

I am not having "issues" with Kaspersky Business Hub portal, but thanks for the link anyhow

Link to comment
Share on other sites
harlan4096

harlan4096

Posted
Posted
Quote

 

Hello,

New malicious software was found in the attached file:
Trojan.Win32.Agentb.lcyw
Its detection will be included in the next update.
Thank you for your help.

Best regards, A. M., Malware Analyst
39A/3 Leningradskoe Shosse, Moscow, 125212, Russia Tel./Fax: + 7 (495) 797 8700 http://www.kaspersky.com https://securelist.com
https://opentip.kaspersky.com/ - get insights about suspicious files, hashes, URLs, IP addresses or domain names

 

 

  • Like 1
Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing


×
×
  • Create New...