False Positive Removal Request

L0 Member

False Positive Removal Request

Hi,

 

Today I've got a request from one of my customers that Deleaker, a popular C++ profiler, is detected as malware by TRAPS from Palo Alto Networks.

 

File Hash: fe7e560f4cf440ffb7dd79fb8001c43c8760b3015aad0f677ddc99fde156e2f2

 

Here is the VirusTotal report:

https://www.virustotal.com/#/file/fe7e560f4cf440ffb7dd79fb8001c43c8760b3015aad0f677ddc99fde156e2f2/d...

 

VirusTotal verdict: No engines detected this file

 

Description: DeleakerSetup_2018.37.0.0.exe is an installer of Deleaker.

 

The installer itself and all files being installed are code signed.

 

The installer can be downloaded here

 

Please fix it ASAP as the customer can't install Deleaker.

L3 Networker

Re: False Positive Removal Request

Hi Artem.Razin,

 

This SHA256 = fe7e560f4cf440ffb7dd79fb8001c43c8760b3015aad0f677ddc99fde156e2f2 is already benign.

This is a trap message; we think it was blocked by your Traps client.

Please open a support case with the Traps team with the threat log, threat ID, or the signature that has been triggered.

 

 

Thanks 

Himani 

L0 Member

Re: False Positive Removal Request

Himani,

 

Thank you for the fast reply.

 

I am sorry, probably I misunderstood you.

 

Do you mean this file is already whitelisted?

 

Thank you.

L3 Networker

Re: False Positive Removal Request

Hi Artem.Razin, 

 

The file is blocked by Traps; it could be a false positive case, but with Traps, not WildFire. In WildFire, this file is not identified as malware. By opening a case with Traps, the team can be useful.

 

Thanks

Himani

 
