Kaspersky detect DDU as a threat

Post Reply
SumTingWong
Posts: 5
Joined: Thu Aug 16, 2018 6:21 pm

Kaspersky detect DDU as a threat

Post by SumTingWong »

Kaspersky detect DDU as a threat. I send the file to Kaspersky, but Kaspersky refuses to remove the detection name.

Kaspersky detect DDU as a threat

Sponsor

Sponsor
 

User avatar
Wagnard
Site Admin
Posts: 1675
Joined: Sat Jul 04, 2015 5:18 pm
Location: 127.0.0.1
Contact:

Re: Kaspersky detect DDU as a threat

Post by Wagnard »

SumTingWong wrote: Fri Aug 17, 2018 1:05 am Kaspersky detect DDU as a threat. I send the file to Kaspersky, but Kaspersky refuses to remove the detection name.
Thabks, already aware.
Please note that it is n'ont detected as a threat but as informative / potentially unwanted app because of PAExec
SumTingWong
Posts: 5
Joined: Thu Aug 16, 2018 6:21 pm

Re: Kaspersky detect DDU as a threat

Post by SumTingWong »

Wagnard wrote: Sat Aug 18, 2018 1:21 pm
SumTingWong wrote: Fri Aug 17, 2018 1:05 am Kaspersky detect DDU as a threat. I send the file to Kaspersky, but Kaspersky refuses to remove the detection name.
Thabks, already aware.
Please note that it is n'ont detected as a threat but as informative / potentially unwanted app because of PAExec
DDU have the same MD5 and SHA-1 hashes with these two malicious apps in which raised a red flag. Why DDU have the same MD5 and SHA-1 with these two malicious apps? The second pictures under Files Names will show the other two malicious apps shared the same hashes as DDU: https://imgur.com/a/LLiVWFK


I believe you guys need to change the hashes on DDU because right now it is associated with these two malicious apps that shared the same hashes as DDU.

In addition, when I uploaded DDU to Virustotal.com, it recognized the file name as 7z.sfx instead of DDU.
SumTingWong
Posts: 5
Joined: Thu Aug 16, 2018 6:21 pm

Re: Kaspersky detect DDU as a threat

Post by SumTingWong »

haanuman wrote: Tue Aug 21, 2018 5:50 am Weird, kaspersky just let it go for me.
Kaspersky still flagged current DDU as a threat. This is a signature based detection as far as I know.
Post Reply