False Positive Submission (generic.ml)

Reply
Highlighted
L1 Bithead

False Positive Submission (generic.ml)

Hello!

 

We have checked our software on VirusTotal and see false positive detection (generic.ml). "Palo Alto Networks" is the only antivirus software which detects malicious behavior in our application. Please fix the issue.
The file is available here.

 

File Hash: SHA-256 49c5b93e1d5fe16113563dd9f537714d0a7d8e631aebfa5e31199473d79ccff2

Link to Virustotal report for the file: https://www.virustotal.com/#/file/49c5b93e1d5fe16113563dd9f537714d0a7d8e631aebfa5e31199473d79ccff2/d...

Current VirustTotal Verdict: One engine detected this file

Actual file: link

 

Thank you!


Accepted Solutions
Highlighted
L7 Applicator

"BuildingLink.com, LLC" has been added to the trusted signer list.

View solution in original post


All Replies
Highlighted
L1 Bithead

Guys, do you have updates on this?

Highlighted
L7 Applicator

Submitted 49c5b93e1d5fe16113563dd9f537714d0a7d8e631aebfa5e31199473d79ccff2 for FP analysis.

If it is confirmed to be Benign, the signature will get disabled within the next 3 business days.

Highlighted
L7 Applicator

Sample 49c5b93e1d5fe16113563dd9f537714d0a7d8e631aebfa5e31199473d79ccff2 has been found to be Benign.

The signature will be disabled with tomorrow's Antivirus release.

Highlighted
L1 Bithead

Thank you very much!

 

I'm curious will the avtivirus sofware detect a new version of the same software as malicious? The new version will have new version numbers, hashes, newer signing date, etc. Do we need to submit every version of the application to be added to "white" list?

Highlighted
L7 Applicator

I'll submit a separate request to evaluate adding the signer of 49c5b93e1d5fe16113563dd9f537714d0a7d8e631aebfa5e31199473d79ccff2 to Palo Alto Networks' trusted signer list.

 

I'll let you know once I hear back from our Threat Researchers.

Highlighted
L7 Applicator

"BuildingLink.com, LLC" has been added to the trusted signer list.

View solution in original post

Highlighted
L1 Bithead

Thank you very much for all your help!

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!