He was quite sure that the EXE download that he was hosting was indeed safe, and had tested it with several desktop AntiVirus (AV) programs that had all passed his file as OK.
As it turns out, his file was good, but the wrapping software (to make a 30-day trial out of the program) was old, out of date, and had been hacked by others, on other sites (but apparently not his).
The only way we were made aware of this was by running the file through VirusTotal's website:
VirusTotal is a free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware.
They have the ability to upload a file, recognize it uniquely by it's SHA256 hash, and run it against around 60 AV programs, and give you an output:
And even a link that you can share with others so they can view the same results.
I've been looking for something like this for a while, and am glad to see that VirusTotal is making this happen.
Since it's news to me, I'm sharing it with you!
-J
No comments:
Post a Comment