ATTENTION Customers, All Partners and Employees: The Customer Support Portal (CSP) will be undergoing maintenance and unavailable on Saturday, November 7, 2020, from 11 am to 11 pm PST. Please read our blog for more information.
No longer considered malicious. Here are the found reasons for the original Malware verdict. <summary> <entry details="Http request without User-Agent" id="2049" score="0.45">Http request without User-Agent</entry> <entry details="Legitimate software creates or modifies files to preserve data across system restarts. Malware may create or modify files to deliver malicious payloads or maintain persistence on a system." id="3" score="0.1">Created or modified a file</entry> <entry details="The Windows Registry houses system configuration settings and options, including information about installed applications, services, and drivers. Malware often modifies registry data to establish persistence on the system and avoid detection." id="13" score="0.1">Modified the Windows Registry</entry> <entry details="Portable Executable images contain sections with different access and execution permissions. These sections are built statically during compilation, and runtime modifications indicate binary obfuscation techniques." id="142" score="0.3">Modified Portable Executable image sections at runtime</entry> <entry details="Compatibility issues and missing resources might cause legitimate applications to crash. However, malware also often crashes applications as a side-effect of attempting to exploit them, and may still be successful in spite of the crash." id="81" score="0.3">Crashed when loaded</entry> <entry details="The HTTP POST method requests that a system accept the data enclosed in the body of the message. Malware often uses the POST method to exfiltrate large blocks of data over HTTP." id="19" score="0.45">Used the HTTP POST method</entry> <entry details="Malware often enumerates running processes before injecting malicious code into them." id="2036" score="0.0">Enumerated running processes</entry> </summary>
... View more