Post Valkyrie Links in Which You Believe That The Manual Analysis Is Wrong—setup.exe—registry—repair.exe

ADware >:-D—setup—de.exe


vermintide.exe is a game launcher for Warhammer End Times Vermintide and is safe.

Human Expert Analysis Result: PUA


Human Expert Analysis Result: Clean

My personal Analysis Result: NOT CLEAN

Please check the file again!

Malicious Indicators: Matched Compiler/Packer signature Found (Borland Delphi 4.0), Reads the active computer name, Drops executable files, Contains ability to create named pipes for inter-process communication, Makes a code branch decision directly after an API that is environment aware, Found potential URL in binary/memory

Comodo AV detects it as TrojWare.Win32.Emotet.~AO

Fake “File Converter” Online Downloader


File Domain Indicators : Website Security Checker | Malware Scan | Sucuri SiteCheck

Some suspicious/malicious Indicators: Matched Compiler/Packer signature, Reads the active computer name, Reads the cryptographic machine GUID, Reads the Windows installation date, Queries process information, Queries the internet cache settings, Contains ability to start/interact with device drivers, Spawns a lot of processes, Reads configuration files, Drops executable files, Opens the Kernel Security Device Driver, Contains ability to listen for incoming connections, Contacts 8 domains and 1249 hosts, Multiple malicious artifacts seen in the context of different hosts, Uses network protocols on unusual ports (Multiple TCP connections over Port 6969 and 6881), Sends UDP traffic to various hosts, P2P BitTorrent DHT ping request, P2P Torrent download, HTTP request contains Base64 encoded artifacts

I’ll have it reviewed. Thank you, Pio, for the notification.

Rated safe in Valkyrie: Advanced File Analysis System | Valkyrie

Also, the new VirusScope recognizer detects it as Generic.Trojan[at]13

That’s correct, the file is Trojan.Win32.TrojanDownloader.Injector. Fixed.