Page 1 of 1
Kaspersky detect DDU as a threat
Posted: Fri Aug 17, 2018 1:05 am
by SumTingWong
Kaspersky detect DDU as a threat. I send the file to Kaspersky, but Kaspersky refuses to remove the detection name.
Re: Kaspersky detect DDU as a threat
Posted: Sat Aug 18, 2018 1:21 pm
by Wagnard
SumTingWong wrote: ↑Fri Aug 17, 2018 1:05 am
Kaspersky detect DDU as a threat. I send the file to Kaspersky, but Kaspersky refuses to remove the detection name.
Thabks, already aware.
Please note that it is n'ont detected as a threat but as informative / potentially unwanted app because of PAExec
Re: Kaspersky detect DDU as a threat
Posted: Sat Aug 18, 2018 2:46 pm
by SumTingWong
Wagnard wrote: ↑Sat Aug 18, 2018 1:21 pm
SumTingWong wrote: ↑Fri Aug 17, 2018 1:05 am
Kaspersky detect DDU as a threat. I send the file to Kaspersky, but Kaspersky refuses to remove the detection name.
Thabks, already aware.
Please note that it is n'ont detected as a threat but as informative / potentially unwanted app because of PAExec
DDU have the same MD5 and SHA-1 hashes with these two malicious apps in which raised a red flag. Why DDU have the same MD5 and SHA-1 with these two malicious apps? The second pictures under Files Names will show the other two malicious apps shared the same hashes as DDU:
https://imgur.com/a/LLiVWFK
I believe you guys need to change the hashes on DDU because right now it is associated with these two malicious apps that shared the same hashes as DDU.
In addition, when I uploaded DDU to Virustotal.com, it recognized the file name as 7z.sfx instead of DDU.
Re: Kaspersky detect DDU as a threat
Posted: Tue Aug 21, 2018 6:46 pm
by SumTingWong
haanuman wrote: ↑Tue Aug 21, 2018 5:50 am
Weird, kaspersky just let it go for me.
Kaspersky still flagged current DDU as a threat. This is a signature based detection as far as I know.