Jump to content

Website is clean but kaspersky says malicious file found


Recommended Posts

I just got a reply from K. analysts:

_______________________________________________________
User type: Active user
Application name: firefox.exe
Application path: C:\Program Files\Mozilla Firefox
Component: Safe Browsing
Result description: Blocked
Type: Trojan
Name: HEUR:Trojan-PSW.Script.Generic
Precision: Heuristic Analysis
Threat level: High
Object type: File
Object name: translate.min.js
Object path: https : // headvape . com/js/mage
MD5 of an object: B45831AD971E3B0343B65F38FC8DF36E
Reason: Expert analysis
Databases release date: Today, 26/05/2022 9:08:00
_______________________________________________________

Quote

 

Hello,

The blocking of this URL is correct.

Best regards, V. G., Malware Analyst
39A/3 Leningradskoe Shosse, Moscow, 125212, Russia Tel./Fax: + 7 (495) 797 8700 http://www.kaspersky.com https://securelist.com
https://opentip.kaspersky.com/ - get insights about suspicious files, hashes, URLs, IP addresses or domain names

 

 

It seems that URL performs an access to that different malicious URL...

  • Like 2
Link to comment
Share on other sites

Accessing to https://www.myrabag.com/ detection is already there, but only if I access via FireFox, but not with Chrome or Opera 🤔:

Quote

User type: Active user
Application name: firefox.exe
Application path: C:\Program Files\Mozilla Firefox
Component: Safe Browsing
Result description: Blocked
Type: Trojan
Name: HEUR:Trojan-PSW.Script.Generic
Precision: Heuristic Analysis
Threat level: High
Object type: File
Object name: translate.min.js
Object path: https://headvape.com/js/mage
MD5 of an object: B45831AD971E3B0343B65F38FC8DF36E
Reason: Expert analysis

 

  • Like 1
Link to comment
Share on other sites

Hi @harlan4096

Please see detection under Chrome :

Spoiler

Event: Download denied
User: DESKTOP
User type: Active user
Application name: chrome.exe
Application path: C:\Program Files\Google\Chrome\Application
Component: Safe Browsing
Result description: Blocked
Type: Trojan
Name: HEUR:Trojan-PSW.Script.Generic
Precision: Heuristic Analysis
Threat level: High
Object type: File
Object name: translate.min.js
Object path: https://headvape.com/js/mage
MD5 of an object: B45831AD971E3B0343B65F38FC8DF36E
Reason: Expert analysis
Databases release date: Today, 31/05/2022 7:46:00

 

  • Like 1
Link to comment
Share on other sites

  • The title was changed to Website is clean but kaspersky says malicious file found

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share



×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.