Hello,
I downloaded dcrypt_setup_1.2_beta_3_signed.exe from github and decided to scan it on virustotal and the result was shocking:
16 engines detect it as infected with malware.
https://www.virustotal.com/gui/file/02a ... /detection
What is going on here?
dcrypt_setup_1.2_beta_3_signed.exe infected with malware??
-
gavinseanwb
- Posts: 1
- Joined: Tue Jul 07, 2020 11:06 am
-
DavidXanatos
- Posts: 50
- Joined: Mon Jan 27, 2020 8:05 pm
Re: dcrypt_setup_1.2_beta_3_signed.exe infected with malware??
As far as I can tell this look to me as false positives,
the signed build was signed by a nice guy: viewtopic.php?f=6&p=317#p317 here who's name you can find in the certificate.
I have extracted the installer and uploaded all individual files to virus total and only one has one false positive, also except the signature they are binary identical to the once I provided initially.
Also my original unsigned installer: https://www.virustotal.com/gui/file/586 ... /detection also triggers many false positives.
I'am afraid that wont improve as the DiskCryptor source base was abused in the past a lot by some malwares.
the signed build was signed by a nice guy: viewtopic.php?f=6&p=317#p317 here who's name you can find in the certificate.
I have extracted the installer and uploaded all individual files to virus total and only one has one false positive, also except the signature they are binary identical to the once I provided initially.
Also my original unsigned installer: https://www.virustotal.com/gui/file/586 ... /detection also triggers many false positives.
I'am afraid that wont improve as the DiskCryptor source base was abused in the past a lot by some malwares.