Hey people,

How does someone read an antivirus scan from VirusTotal? The summary is the following:

2 security vendors and no sandboxes flagged this file as malicious

Security Vendor Analysis:

Bkav Pro: W32.AIDetect.malware2

CrowdStrike Falcon: Win/grayware_confidence_60% (W)

Contacted IP Addresses:

https://www.virustotal.com/gui/ip-address/20.99.132.105

https://www.virustotal.com/gui/ip-address/23.216.147.64

Crowdsourced Sigma Rules:

Matches rule Failed Code Integrity Checks by Thomas Patzke at Sigma Integrated Rule Set (GitHub): Code integrity failures may indicate tampered executables.

Matches rule Use Remove-Item to Delete File by frack113 at Sigma Integrated Rule Set (GitHub): Powershell Remove-Item with -Path to delete a file or a folder with “-Recurse”

Thank you experts!

submitted by /u/No_Acanthisitta_5135