dcrypt_setup_1.2_beta_3_signed.exe infected with malware??

Post Reply
gavinseanwb
Posts: 1
Joined: Tue Jul 07, 2020 11:06 am

dcrypt_setup_1.2_beta_3_signed.exe infected with malware??

Post by gavinseanwb »

Hello,

I downloaded dcrypt_setup_1.2_beta_3_signed.exe from github and decided to scan it on virustotal and the result was shocking:
16 engines detect it as infected with malware.

https://www.virustotal.com/gui/file/02a ... /detection

What is going on here?

DavidXanatos
Posts: 50
Joined: Mon Jan 27, 2020 8:05 pm

Re: dcrypt_setup_1.2_beta_3_signed.exe infected with malware??

Post by DavidXanatos »

As far as I can tell this look to me as false positives,
the signed build was signed by a nice guy: viewtopic.php?f=6&p=317#p317 here who's name you can find in the certificate.
I have extracted the installer and uploaded all individual files to virus total and only one has one false positive, also except the signature they are binary identical to the once I provided initially.
Also my original unsigned installer: https://www.virustotal.com/gui/file/586 ... /detection also triggers many false positives.

I'am afraid that wont improve as the DiskCryptor source base was abused in the past a lot by some malwares.

Post Reply