Are you saying you can't share it because it was only on VT, and you don't have the original any more?
Mark On Sun, 21 Oct 2018, 19:06 Ryan Carboni, <rya...@gmail.com> wrote: > I have obtained a file that I believe is government malware. It hashes > to D7161581BAAA04FC2E515BF724CC2CC17C2520A3574717D53A8F9D638E3D30F, and is > signed by Microsoft. > > This should be the appropriate link: > https://www.virustotal.com/en/file/D7161581BAAA04FC2E515BF724CC2CC17C2520A3574717D53A8F9D638E3D30F > > However when trying to archive the link, the link comes up as 404. > https://archive.fo/d0eR0 <http://archive.fo/d0eR0> I have a photograph of > the virustotal scan, while I believe I am pwned, the government is well > aware of the first amendment concerns of altering photographs in a person’s > possession as opposed to merely suppressing scans or whatever balancing > test they hide away from us. I could upload the screenshots, but I’m using > a different computer right now and I’m a bit on edge from all this. > > It is not inconceivable that the FBI and virustotal are cooperating with > known file hashes and are suppressing them from public view, especially > given that virustotal gives access to uploaded files to major cyber > security and antivirus firms. > > I would like to know the process in which these irregularities occur, and > whether or not there are consequences for misuse of valid activities for > corrupt ends and what checks are there on it. > > Maybe the relevant civil liberties concerns could investigate. >