Re: Off topic, Media Extra
@nidza07, first, post 22 is where the reference was made. Second, I'm now running the actually installed program (in a sandbox) through virus total. It returns... 22 out of 70. That's a 31.42 percent detection, out of a mere 16.66 or so percent for TGTR. That's an approximate 14.76 percent increase. Not much, eh? Until you look at some of these... Ad-Aware, ALYac, Antiy-AVL, Arcabit, BitDefender, CAT-QuickHeal, Cybereason, Cyren, Emsisoft, eScan, F-Prot, F-Secure, GData, Jiangmin, MAX, McAfee-GW-Edition, Rising, SentinelOne, Symantec, Trapmine, VBA32, and Yandex. Here are the good ol results:
SHA-256
7c31be397073f5772562a1a27a3b11a1bb7f5a4bce77ed7eec117065340043f1
File name
MediaExtra.exe
File size
3.58 MB
Last analysis
2018-12-30 22:00:18 UTC
Detection
Details
Community
Ad-Aware
Gen:Variant.Ransom.1166
ALYac
Gen:Variant.Ransom.1166
Antiy-AVL
Trojan[Backdoor]/MSIL.SpyGate
Arcabit
Trojan.Ransom.D48E
BitDefender
Gen:Variant.Ransom.1166
CAT-QuickHeal
Trojan.IGENERIC
Cybereason
malicious.6b84b7
Cyren
W32/S-513ec574!Eldorado
Emsisoft
Gen:Variant.Ransom.1166 (B)
eScan
Gen:Variant.Ransom.1166
F-Prot
W32/S-513ec574!Eldorado
F-Secure
Gen:Variant.Ransom.1166
GData
Gen:Variant.Ransom.1166
Jiangmin
Trojan.Agent.bphf
MAX
malware (ai score=80)
McAfee-GW-Edition
BehavesLike.Win32.HToolLazagne.wc
Rising
Malware.Heuristic.MLite(100%) (AI-LITE:DQAy+gq94eZuILl0D7R0hQ)
SentinelOne
static engine - malicious
Symantec
ML.Attribute.HighConfidence
Trapmine
suspicious.low.ml.score
VBA32
Trojan.Agent
Yandex
Trojan.Agent!jKOS93FSwZw
Acronis
Clean
AegisLab
Clean
AhnLab-V3
Clean
Alibaba
Clean
Avast
Clean
Avast Mobile Security
Clean
AVG
Clean
Avira
Clean
Babable
Clean
Baidu
Clean
Bkav
Clean
ClamAV
Clean
CMC
Clean
Comodo
Clean
CrowdStrike Falcon
Clean
Cylance
Clean
DrWeb
Clean
eGambit
Clean
Endgame
Clean
ESET-NOD32
Clean
Fortinet
Clean
Ikarus
Clean
K7AntiVirus
Clean
K7GW
Clean
Kaspersky
Clean
Kingsoft
Clean
Malwarebytes
Clean
McAfee
Clean
Microsoft
Clean
NANO-Antivirus
Clean
Palo Alto Networks
Clean
Panda
Clean
Qihoo-360
Clean
Sophos AV
Clean
Sophos ML
Clean
SUPERAntiSpyware
Clean
TACHYON
Clean
Tencent
Clean
TheHacker
Clean
TrendMicro
Clean
TrendMicro-HouseCall
Clean
Trustlook
Clean
VIPRE
Clean
ViRobot
Clean
Webroot
Clean
Zillya
Clean
ZoneAlarm
Clean
Zoner
Clean
Symantec Mobile Insight
Unable to process file type
You can find all the info at https://www.virustotal.com/#/file/7c31b … 5340043f1. Also, it seems this app was written in Python, Python 3.6, to be exact. So, that's even more evidence to suggest -- with an even higher rate of confidence -- that this is malicious.
-- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
