Bitdefender allows this (possibly infected) Trojan/Keylogger/APT_DustSquad_PE execution
So I received this file from an online friend I've known for literally years and years. Scanned it with VirusTotal, scanned it with Bitdefender no reports. I haven't noticed any exfiltration of data, but I am naturally suspicious person, and checking it on JoeSandbox and Filescan.io it appears like maybe it might be running powershell and it definitely extracts and runs something unexpected, but no warning from Bitdefender when I ran the EXE and a safe mode environment scan also finds nothing.
Not wanting to freak out, but also not sure why it is going undetected unless maybe it is currently dormant enough that Bitdefender isnt seeing it as a threat. I wonder if it is just lying in wait for that moment when the malicious actor uses it to do something nefarious.
Not sure what to check next to increase my comfort level that this hasn't already screwed me in some way.
Thanks.
*EDITED BY @Gjoksi
"Posting malware samples and /or URLs is not allowed in the community! Do not post direct links to any executable files, malicious/suspicious software or websites in threads, comments or private messages, even if you think the software or site is clean and incorrectly detected by Bitdefender."
Comments
-
Hello.
Only the anti-malware researchers at Bitdefender Labs can help you with the issue.
Create a log file on your Windows device using Bitdefender Support Tool, by following these steps:
and
create a log file on your Windows device using BDsysLog, by following these steps:
Next, contact Bitdefender Consumer Support by e-mail:
with short description of the issue.
After that, you will get an automated reply by the Bitdefender Customer Care Team, with your ticket number.
Now, in reply to that automated reply, you can send the log files you already created in the first step.
Since you are all done, just wait for the support engineers to investigate your issue and find a solution to fix the issue.
Remember that the log files will help a lot to the support engineers for better and faster investigation on your issue and finding a solution.
NOTE: If any of the log file is larger than 25MB, you can upload the log file here:
After the upload is done, you will get a notification with the file's URL and then you can share the file's URL with the Bitdefender Consumer Support.
Regards.
2 -
Additionally, I have shared the sample with the Bitdefender malware research team via Bitdefender support and will update this post once there is any confirmation regarding the submitted sample outcome.
Regards
Life happens, Coffee helps!
Show your Attitude, when you reach that Altitude!
Bitdefender Ultimate Security Plus (user)
1 -
I have received a reply from Bitdefender malware researchers via Bitdefender support. The submitted file has been confirmed to be clean and not malicious. Below is the image of the reply I received.
I also shared the link to this particular Bitdefender Community forum post with them so they could review the explanation and understand why the file is believed to be malicious.
Additionally, VirusTotal does not show any well-known anti-malware vendors detecting the file as malicious. Below is the link to the VirusTotal report as well.
https://www.virustotal.com/gui/file/9cf1673b4d17f5559b37fddc4d2f9fe12cbb36e0add479ca4846c8983befb70b
This post has been closed to further comments.
Regards
Life happens, Coffee helps!
Show your Attitude, when you reach that Altitude!
Bitdefender Ultimate Security Plus (user)
1
