topic Re: False Positive : generic.ml in VirusTotal

False Positive : generic.ml

RawMain — Fri, 04 Jan 2019 02:19:23 GMT

Hello

These 2 files belong to official package 3.1.7.7 for SuperR's Kitchen - Donate (not free) version - checked & approved by XDA.

- https://www.virustotal.com/#/file/32d2cbedf45e7dc8fde686bbefd6a9c2f1b0ca7a8fce271e935188726bac7da8/detection

SHA-256File nameFile sizeLast analysis

32d2cbedf45e7dc8fde686bbefd6a9c2f1b0ca7a8fce271e935188726bac7da8

ramdisk.exe

1.31 MB

2019-01-04 02:00:09 UTC

- https://www.virustotal.com/#/file/04c40d3d7e736a7bed42dc5067b3e796b3fd035fcc1527b38041aaf700dede50/detection

SHA-256File nameFile sizeLast analysis

04c40d3d7e736a7bed42dc5067b3e796b3fd035fcc1527b38041aaf700dede50

superr.exe

2.39 MB

2019-01-04 02:00:15 UTC

They triggered several AV engines because they use Pyinstaller module even thought there is no malicious code/activity.

I'm helping its developer for the reassessment requests = many major AV vendor have already reclassified & whitelisted it.

I can't provide You obviously the full package, but I'm leaving a temporary link to download just those 2 specific files .

- https://www.sendspace.com/file/x49xuz

ZIP Password = infected

Thanks in advance

Re: False Positive : generic.ml

kkawachi — Fri, 04 Jan 2019 02:43:47 GMT

Hi please let us dig into the samples in question.

We will keep you updated once we get an update.

Best

-Koji

Re: False Positive : generic.ml

kkawachi — Tue, 08 Jan 2019 03:10:19 GMT

Sorry for my delay in responding.

We reviewed both of your samples and now the verdict for both have been "Clean".

https://www.virustotal.com/#/file/04c40d3d7e736a7bed42dc5067b3e796b3fd035fcc1527b38041aaf700dede50/detection

https://www.virustotal.com/#/file/32d2cbedf45e7dc8fde686bbefd6a9c2f1b0ca7a8fce271e935188726bac7da8/detection

Please check the above VT links for the latest information for our analysis result.

Best

-Koji