F-SecureOnlineScanner detected as BScope.Trojan.Conteban
Hello
F-SecureOnlineScanner.exe from https://www.f-secure.com/es/home/products#free
has a trojan by VirusTotal and YOMI as BScope.Trojan.Conteban
MD5 9fe20be80fe84afe3410f468d0a4446d
SHA-1 7a21d6fa1f913be39ddeaa16997c4caf6b721a2b
SHA-256 678cefce5fece0ffc76e692a403ec2060c5a27771a89f9fca9848938df732015
Vhash 096056655d15556128z64dz3pz
Authentihash 156efa845cc344141d0e211aeca27cb03cee4190462669314506232447d82131
Imphash e0ba9f4e82f13f8475c0a7696a7747b6
SSDEEP 196608:yVHJoLZUBPeRwFbCVDE0UYjvYyeNahbA8SyKo/:yVY6BPeWiE0ljvYy8ahbqyKi
File type Win32 EXE
Magic PE32 executable for MS Windows (GUI) Intel 80386 32-bit
File size 9.34 MB (9794976 bytes)
F-PROT ZIP
How its possible?
😡
Thanks
Comments
-
Hello,
I am only an F-Secure user (their home solutions).
Sounds that it can be a false positive ( https://www.f-secure.com/v-descs/false_positive.shtml ) detection by VBA32. And wrong suspicion by another company. Actually, only VBA32 with detection name "BScope.Trojan.Conteban". And second company with generic name about suspicion that it is malware.
Since other engines with no detection - maybe these two are mistakes. Maybe you could try to contact them and to report about it.
Alternatively, you can try to submit executable to F-Secure Labs for doublecheck with mention virustotal results:
- www.f-secure.com/en/business/support-and-downloads/submit-a-sample
However current detection by VBA32 is only their claim/suspicion and not a real indication of any malicious payload with F-Secure Online Scanner.
Thanks!
🚩 What Do You Think?
We’d love your thoughts on our fresh look! Quick survey, big impact!