Author Topic: FP  (Read 841 times)

Offline pio

  • Malware Research Group
  • Comodo's Hero
  • *****
  • Posts: 580
  • I like CIS , Kali Linux , IDA Pro & Fl Studio ;)
« Last Edit: November 01, 2017, 05:06:09 PM by pio »
*** Paranoid Bastard since CIS 3.5 ! Independent - NON Profit Malware Analyst ***

Offline Aravindhraj J

  • Comodo Staff
  • Comodo Family Member
  • *****
  • Posts: 77
Re: FP
« Reply #1 on: November 01, 2017, 12:01:35 AM »
Hi pio,

Thank you for reporting this.
We'll check it and get back to you soon.

Best regards
Aravindhraj J

Offline Aravindhraj J

Re: FP
« Reply #2 on: November 01, 2017, 04:27:47 AM »
Hi pio,

This is to inform you that the file you have submitted has been checked and it is not a false-positive.
leaktest.exe SHA1:ef41db76b1f0252bf3b10ede0f7bed58f072884f

Best regards
Aravindhraj J

Offline pio

Re: FP
« Reply #3 on: November 01, 2017, 04:53:43 AM »
Hi Aravindhraj J,

please can anybody tell me where the malicious behaviour is? I can't find any .....!!! It has some PE anomalies, but for me it shows no behavior that would be against its nature. It's a leak test program, it has to do some malicious things. Anyway, the file also comes from a signed security site!!! So please can anybody tell me where the problem is? ;)

Thank you!!!!!
« Last Edit: November 01, 2017, 04:57:13 AM by pio »

Offline pio

Re: FP
« Reply #4 on: November 01, 2017, 05:07:56 PM »
The CAV detection at VT has been removed. I rate this as fixed! ;)

Thx !!!

Offline pio

Re: FP
« Reply #5 on: November 02, 2017, 02:57:41 AM »
The Comodo VT verdict is back! ??? And nobody can explain to me for what reason! :-\ I'm a bit disappointed!!! The file has been on VT for 12 years and has only a relatively small group of false positive detections. If it were really harmful, there would probably be many more. As a further incidental indication ....!!!

So I've checked the file intensively and I can't find any malicious or risky behaviour!!! I would really like to understand how your verdict came about and what indicators it is based on.

Generally, I think it's better to work together than against each other!!! 88)

Kaspersky Application Advisor Verdict : http://whitelist.kaspersky.com/advisor#search/206c0533ce9bf83ecdf904bec2f3532d
« Last Edit: November 02, 2017, 03:00:43 AM by pio »

Offline Ionel

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 3535
Re: FP
« Reply #6 on: November 02, 2017, 10:55:41 AM »
Hi pio,

Please check this.

Regards,
Ionel

Offline pio

Re: FP
« Reply #7 on: November 08, 2017, 02:47:42 AM »
Hi Ionel,

thank you for the link and sorry for my late reply, but I was visiting my mother and couldn't go online there, and on my mobile phone I don't want internet if it can be avoided. ;)

I can confirm that the file was used as part of malware a long time ago. From this perspective, you could classify it that way, but I still cannot confirm that the named file itself has harmful behavior. So regarding the criteria described in the link, I can understand your classification better now.

In some cases it is and remains simply a definitional matter.

Thanks again and best regards!!!
pio
« Last Edit: November 08, 2017, 04:03:31 AM by pio »

 
