- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
10-26-2018 06:11 AM
Hi,
Today I've got a request from one of my customers that Deleaker, a popular C++ profiler, is dected as malware by TRAPS from Palo Alto Networks.
File Hash: fe7e560f4cf440ffb7dd79fb8001c43c8760b3015aad0f677ddc99fde156e2f2
Here the virustotal report:
VirustTotal verdict: No engines detected this file
Description: DeleakerSetup_2018.37.0.0.exe is an installer of Deleaker.
The installer itself and all files being installed are code signed.
The installer can be downloaded here
Please fix it ASAP as customer can't install Deleaker.
10-26-2018 10:27 AM - edited 10-26-2018 12:01 PM
HI Artem.Razin
This SHA256= fe7e560f4cf440ffb7dd79fb8001c43c8760b3015aad0f677ddc99fde156e2f2 is already benign.
This is a trap message, we think it was blocked by your traps client.
Please open a support case with traps team with threat log, threat-ID or signature is been triggered.
Thanks
Himani
10-27-2018 08:30 AM
Himani,
Thank you for the fast reply.
I am sorry, probably I misunderstood you.
Do you mean this file is already whitelisted?
Thank you.
10-27-2018 11:07 PM
Hi Artem.Razin,
The file is blocked by traps; it could be a false positive case but with traps, not the wildfire. In the wildFire, this file is not identified as malware. By opening a case with traps, the team can be useful.
Thanks
Himani
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!