
Trojan found by VirusTotal scan in WireShark Windows 64 bit installer

I ran a VirusTotal check on the latest downloader a few days ago and again today, alerted WireShark on Twitter, but no response or new file.

https://www.virustotal.com/#/file/407...

A user called PayloadSecurity on 2018-08-31 helpfully added this to the VirusTotal comments:

banker #ramnit

submitname:"40701d569f75ba08bd3fb9d79e6841095d6d3001e5d8f1e9f50c996bcf0657ff.exe.bin" falcon-threatscore:55/100 memurl:"Pattern match: http://nsis.sf.net/NSIS_Error,Pattern match: 8.NM/MaC=,Heuristic match: chmCssvK.AX,Heuristic match: h-oq?a.sk,Heuristic match: #Tk/hJ.mK,Heuristic match: 7M+zOm.gu" source:https://www.hybrid-analysis.co...

lmt
asked 2018-09-05 10:50:32 +0000, updated 2018-09-05 10:51:00 +0000

Comments

Have you considered a false positive, since all 64 other scanners give it an all clear?

Jaap (2018-09-05 13:00:29 +0000)

1 Answer

0

As per the Wireshark Security page, Twitter isn't a supported mechanism for reporting security issues; instead you should use one (or both) of the options listed at the bottom of the page.

I would also note that as only 1 of the 65 scanners at VirusTotal detected an issue with that file, the likelihood is that it's a false positive by that scanner.

grahamb
answered 2018-09-05 12:58:19 +0000