False Positive Submission (generic.ml)

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

False Positive Submission (generic.ml)

L1 Bithead

Hello!

 

We have checked our software on VirusTotal and see false positive detection (generic.ml). "Palo Alto Networks" is the only antivirus software which detects malicious behavior in our application. Please fix the issue.
The file is available here.

 

File Hash: SHA-256 49c5b93e1d5fe16113563dd9f537714d0a7d8e631aebfa5e31199473d79ccff2

Link to Virustotal report for the file: https://www.virustotal.com/#/file/49c5b93e1d5fe16113563dd9f537714d0a7d8e631aebfa5e31199473d79ccff2/d...

Current VirustTotal Verdict: One engine detected this file

Actual file: link

 

Thank you!

1 accepted solution

Accepted Solutions

"BuildingLink.com, LLC" has been added to the trusted signer list.

View solution in original post

7 REPLIES 7

L1 Bithead

Guys, do you have updates on this?

Submitted 49c5b93e1d5fe16113563dd9f537714d0a7d8e631aebfa5e31199473d79ccff2 for FP analysis.

If it is confirmed to be Benign, the signature will get disabled within the next 3 business days.

Sample 49c5b93e1d5fe16113563dd9f537714d0a7d8e631aebfa5e31199473d79ccff2 has been found to be Benign.

The signature will be disabled with tomorrow's Antivirus release.

Thank you very much!

 

I'm curious will the avtivirus sofware detect a new version of the same software as malicious? The new version will have new version numbers, hashes, newer signing date, etc. Do we need to submit every version of the application to be added to "white" list?

I'll submit a separate request to evaluate adding the signer of 49c5b93e1d5fe16113563dd9f537714d0a7d8e631aebfa5e31199473d79ccff2 to Palo Alto Networks' trusted signer list.

 

I'll let you know once I hear back from our Threat Researchers.

"BuildingLink.com, LLC" has been added to the trusted signer list.

Thank you very much for all your help!

  • 1 accepted solution
  • 4237 Views
  • 7 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!