Author Topic: Report trusted and whitelisted malware here- 2017 (NO LIVE MALWARE!)  (Read 25213 times)

Offline andrei.savin

  • Comodo Staff
  • Comodo Loves me
  • *****
  • Posts: 197
Re: Report trusted and whitelisted malware here- 2017 (NO LIVE MALWARE!)
« Reply #15 on: February 06, 2017, 11:54:00 AM »
Hello Wisdom,
Thanks for your submission. We'll check the sample you submitted and add detection if necessary.
Best regards,
Andrei Savin
If possible please post your malware submissions as SHA1 lists (created with HashMyFiles or any other software). Always make sure first you have submitted the samples through CIS.

Offline a77841s

  • Comodo's Hero
  • *****
  • Posts: 238
Re: Report trusted and whitelisted malware here- 2017 (NO LIVE MALWARE!)
« Reply #16 on: February 10, 2017, 01:53:59 AM »

Offline pavithran

  • Comodo Staff
  • Comodo Family Member
  • *****
  • Posts: 97
Re: Report trusted and whitelisted malware here- 2017 (NO LIVE MALWARE!)
« Reply #17 on: February 10, 2017, 01:55:33 AM »
Hi a77841s,

Thank you for your submission.
We'll check them and if found to be malware detection will be added.

Regards,
Pavithran G


Offline ya.q1

  • Comodo Family Member
  • ***
  • Posts: 71
Re: Report trusted and whitelisted malware here- 2017 (NO LIVE MALWARE!)
« Reply #18 on: February 10, 2017, 12:31:56 PM »
e40306d8dc24f9987fb4f8e5a4372baa4d88c74c

Offline andrei.savin

  • Comodo Staff
  • Comodo Loves me
  • *****
  • Posts: 197
Re: Report trusted and whitelisted malware here- 2017 (NO LIVE MALWARE!)
« Reply #19 on: February 10, 2017, 12:36:48 PM »
Hi,
Thanks for your submission.
We'll check it and add detection if necessary.

Best regards,
Andrei Savin
If possible please post your malware submissions as SHA1 lists (created with HashMyFiles or any other software). Always make sure first you have submitted the samples through CIS.

Offline Wisdom

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1050
  • Default-Deny Protection
    • CFI
Re: Report trusted and whitelisted malware here- 2017 (NO LIVE MALWARE!)
« Reply #20 on: February 18, 2017, 10:56:04 AM »
PUA
805e562d2dd87c4df01d8d43a9f7e8cdb8adca71
Heuristics: detecting tomorrow’s threats today

Offline meldan

  • First Response Group
  • Comodo's Hero
  • *****
  • Posts: 3245
Re: Report trusted and whitelisted malware here- 2017 (NO LIVE MALWARE!)
« Reply #21 on: February 18, 2017, 03:14:08 PM »
Hi,

Thank you for your submission.
We'll check them and if found to be malware detection will be added.

Kind Regards,
Erik M.

Offline jay2007tech

  • Malware Research Group
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 2170
Re: Report trusted and whitelisted malware here- 2017 (NO LIVE MALWARE!)
« Reply #22 on: March 24, 2017, 08:46:54 PM »
https://virustotal.com/de/file/81fdbf04f3d0d9a85e0fbb092e257a2dda14c5d783f1c8bf3bc41038e0a78688/analysis/

MD5 3e1fe086b20c0b84c0443aca0181de2f
SHA1 9e76907e89e7f3e4aebb5c828798bdbbb5bc02e2
SHA256 81fdbf04f3d0d9a85e0fbb092e257a2dda14c5d783f1c8bf3bc41038e0a78688

 Signature verification Signed file, verified signature
Signers    
Quote
  • FOTON

Status Valid
Issuer COMODO RSA Code Signing CA
Valid from 1:00 AM 2/28/2017
Valid to 12:59 AM 12/21/2017
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 9071BA3D0525C6D3CA925E78B02D62DD4F90AD6C
Serial number 00 D0 74 3F FF AD 49 29 A7 C4 82 9A DF 9A 80 9E B0
Quote
  • COMODO RSA Code Signing CA

Status Valid
Issuer COMODO RSA Certification Authority
Valid from 1:00 AM 5/9/2013
Valid to 12:59 AM 5/9/2028
Valid usage Code Signing
Algorithm sha384RSA
Thumbprint B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47
Serial number 2E 7C 87 CC 0E 93 4A 52 FE 94 FD 1C B7 CD 34 AF
Quote
  • COMODO SECURE?

Status Valid
Issuer COMODO RSA Certification Authority
Valid from 1:00 AM 1/19/2010
Valid to 12:59 AM 1/19/2038
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing, EFS, IPSEC Tunnel, IPSEC User
Algorithm sha384RSA
Thumbprint AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4
Serial number 4C AA F9 CA DB 63 6F E0 1F F7 4E D8 5B 03 86 9D
It's hard being a crooked Admin when the files won't pass an md5checksum test.  But like any other good crooked Admin it can be done, it just takes time(and lots of it) and a few aspirins

Offline Chunli

  • Malware Research Group
  • Comodo's Hero
  • *****
  • Posts: 2584
Re: Report trusted and whitelisted malware here- 2017 (NO LIVE MALWARE!)
« Reply #23 on: March 24, 2017, 10:51:31 PM »
Hi,jay2007tech

Thank you for your submission.
We'll check them and if found to be malware detection will be added.

Best regards
Chunli.chen

Offline yigido

  • Malware Research Group
  • Comodo's Hero
  • *****
  • Posts: 5659
  • COMODO Rocks!
    • Free Comodo Products!
Re: Report trusted and whitelisted malware here- 2017 (NO LIVE MALWARE!)
« Reply #24 on: March 30, 2017, 06:43:09 PM »
Reimage installer,
SHA1: 55eceb2d17dc4e95b501ea81f16c8c5e2c1bd754
https://valkyrie.comodo.com/get_info?sha1=55eceb2d17dc4e95b501ea81f16c8c5e2c1bd754

It is trusted on my end
please see: https://vgy.me/pA7D7e.jpg

Please blacklist this software(Adware) vendor.

Thanks
COMODO Cloud Antivirus
Firefox Quantum
Encrypt the web! Use HTTPS Everywhere..
Block spying ads and invisible trackers! Use Privacy Badger..

Offline Chunli

  • Malware Research Group
  • Comodo's Hero
  • *****
  • Posts: 2584
Re: Report trusted and whitelisted malware here- 2017 (NO LIVE MALWARE!)
« Reply #25 on: March 30, 2017, 09:39:15 PM »
Hi,yigido

Thank you for your submission.
We'll check them and if found to be malware detection will be added.

Best regards
Chunli.chen

Offline KarlChen

  • Newbie
  • *
  • Posts: 1
Re: Report trusted and whitelisted malware here- 2017 (NO LIVE MALWARE!)
« Reply #26 on: April 04, 2017, 06:55:46 AM »
Hi,

Viveport (https://www.viveport.com/) have a VR content launcher and we found that all of the VR content exes are isolated when our launcher try to launch them. I just upload one to https://consumer.valkyrie.comodo.com/get_info?sha1=97bb02563070529dbab1eccf3b50520dce1c7292 for your reference. Please kindly let us know how to avoid this.

Thanks.
Karl

Offline pavithran

  • Comodo Staff
  • Comodo Family Member
  • *****
  • Posts: 97
Re: Report trusted and whitelisted malware here- 2017 (NO LIVE MALWARE!)
« Reply #27 on: April 04, 2017, 07:29:30 AM »
Hi KarlChen,

Thanks for your submission.
We'll check it and add detection if necessary.

Best regards,
Pavithran G

Offline user5197

  • Newbie
  • *
  • Posts: 11
Re: Report trusted and whitelisted malware here- 2017 (NO LIVE MALWARE!)
« Reply #28 on: April 04, 2017, 11:58:30 PM »
im using CCAV , valkyrie pending analysis long time agos and sandbox isolate
PalmInputStartUp.exe
sha 1 - 24D47B8EE1B5D204AC252F6B53FF9E829EFF6285

PalmInputGuard.exe
sha 1 - 06F692CE0FD7E167C9DB50640A4B710006DD4A8E


this is a statistical tools , not malware
SHA1:   fda31fcaf5671c701da8192a827f406ea3970566
« Last Edit: April 05, 2017, 12:05:46 AM by user5197 »

Offline Qiuhui.Wang

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 2103
Re: Report trusted and whitelisted malware here- 2017 (NO LIVE MALWARE!)
« Reply #29 on: April 05, 2017, 12:04:57 AM »
Hi user5197,

Thank you for your submission.
We'll check them and if found to be malware detection will be added.

Best regards
Qiuhui.Wang

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek