autosandbox file rating?

when I excuteed some files rated “needed to be submit”, CIS7 sandboxed that files but CIS8 beta didn’t sandboxed.
so I checked the logs and found that files rated safe.
I wonder that is bug or not.
Is there someone who experienced same situation?

With what files is this happening?

sorry for late replying.
it’s happened several times after using CIS8 beta in my real systems.

today, I experienced that situation again.
this is the file link.
link to live malware removed by moderator
when I checked this file by comodo file look up, it was classified as " needs to be submitted"
but, after I executed the file, it was classified “safe”
so I uploaded the file to CIMA, and this is the result.
CIMA’s result was “suspicious +”
and virus total’s result is here.

[attachment deleted by admin]

It got detected by the AV here with CIS v8 beta 2. I checked and it also gets detected with VT: VirusTotal .

It is digitally signed but not on the TVL. It may have been but it’s hard to tell. Since there has been a window of time between you running v7 and v8 this may have happened. Without more information it’s hard to tell what happened.

I removed the url to the file. We don’t allow links to live malware to protect the innocent. However you can always send the url by pm to interested members.