Palo Alto Networks generic.ml: JRS_SLE.EXE

L1 Bithead

Palo Alto Networks generic.ml: JRS_SLE.EXE

I'm reporting a false positive for the file: JRS_SLE.EXE. On Virustotal.com Palo Alto Networks flags the file as "generic:ml" when, in fact, the program is harmless. It's actually part of our anti-piracy protection. I wrote and compiled the program. Furthermore, the file is signed by Jurik Research Software, Inc. with a digital certificate. If Palo Alto Networks needs a copy of the file or further information, let me know.


All Replies
L3 Networker

Re: Palo Alto Networks generic.ml: JRS_SLE.EXE

Hello, 

 

Please provide the following information so that we may assist you further:

 

File Hash: <hash>

Link to Virustotal report for the file: <link>

Current VirusTotal Verdict: <verdict>

 

L1 Bithead

Re: Palo Alto Networks generic.ml: JRS_SLE.EXE

Thanks for the reply.

 

SHA-256 19d4d041a07c50fdf3a828f2676869d99ac14fb13f43ca8d3c66fc9a6daabe91

 

https://www.virustotal.com/#/file/19d4d041a07c50fdf3a828f2676869d99ac14fb13f43ca8d3c66fc9a6daabe91/d...

 

I'm not sure what you mean by verdict, but 8 of 69 malware engines falsely detect the file as being malware.

 

L6 Presenter

Re: Palo Alto Networks generic.ml: JRS_SLE.EXE

I don't see any generic:ml for that sample for Palo Alto Networks. We have made no changes.

Do you have the right sha256?

L1 Bithead

Re: Palo Alto Networks generic.ml: JRS_SLE.EXE

The hash is correct, but some explanation is in order. Yesterday, I noticed that the file listed on VirusTotal was a little out of date, so I uploaded the current version (which will soon be updated again) and the detection results changed. Now, 6 out of 64 engines detect it as malware, and Palo Alto Networks is not listed as detecting it or showing it as clean.

 

Perhaps you have some idea why it's not appearing in either group now.
