Is this a real Malware or Trojan? MU online Game Server

thegamerr

***

Hello, is this a malware? VirusTotal flagged it with a detection, but this is a Game Server file (DarksTeam MuServer 0.99.60/62T 1.0M). According to the MMO Dev Forums—specifically the forum admins—this is just a false positive. They claim it’s due to the nature of how the game server communicates with player clients and the specific packers used to compress the file. They insist it is safe and clean.

Could you please analyze this for any malicious behavior? I tried monitoring it via TCPView, and I didn't see any suspicious external IPs—only localhost (127.0.0.1) and my own local IPv4 address.

The standard behavior for this application involves Server-to-Client communication using these specific ports:

• Port 44405: ConnectServer
• Port 55901: GameServer (Main)
• Port 55970 or 55960: JoinServer / DataServer

I just want to verify if it is truly not a malware. If a professional malware analyst could examine this, we would be able to determine if there are any suspicious activities or hidden malicious traits.
I uploaded the Game Server, so you can analyze them.

Virus Total Hash:

GameServer.exe - VirusTotal - File - b67869ae1954c80e964fd0ad786e0f5141a13f1f86882afc6bf6a9fba51c8cc5

JoinServer.exe - VirusTotal - File - 0195ce59157db75d83a6315c28b40c5fb7807f9e3c3354c0f75105a8b97ff746

Exdb.exe - VirusTotal - File - 9003e0eda28aae33bc50cb92e8b2ca175c79fa90cc34b42fea11e0036c53793a

GameServer CS - VirusTotal - File - 008feac38a998ffb562a299d1542100cede310f5b443b28c254fa21c4c84a6b4

DarksTeam.dll (From Game Server) 1/71 detections
VirusTotal - File - 1deceb890e08f5e385ad3a40f72bfba20071d78734d28a72133e063f5229ac02
LogProc.dll 2/73 detections
VirusTotal - File - 9aa9d47fd86b90a87ae812aa64d39940238fef733b3ac949e168c1dde90e8c7c
DateServer1 1/71 detections
VirusTotal - File - 3400c23d939ce5ee658c742fcfb2855884e0561a93d017a4e4323d954dcb564b
DataServer2 1/71 detections
VirusTotal - File - 3400c23d939ce5ee658c742fcfb2855884e0561a93d017a4e4323d954dcb564b
WZ_MU2003_EVENT_SERVER.exe 3/73 detections
VirusTotal - File - f3d066cb335160dfb5183ec23521af8118fcf1b7821b4b986c6858b5590b8480
ChatServer.EXE 1/72 detections
VirusTotal - File - 0b7fdd03cd7297807cf3240b141c52ed0916efeb6f60ab2b95dd8c48e3f16c34CS.exe 1/72 detections
VirusTotal - File - 9424041ce4664913ed02b3946ef07954a30a9752dce4ef012a0f6944bc9c355f
mumsg.dll Cean 0/72 detections
VirusTotal - File - a12030781117681ef10cb67e3d409936d7620aba3751df8ac9ea0506f0da9704

*** EDITED: File(s) and/or URL(s) removed by @Gjoksi
"Posting malware samples and /or URLs is not allowed in the community! Do not post direct links to any executable files, malicious/suspicious software or websites in threads, comments or private messages, even if you think the software or site is clean and incorrectly detected by Bitdefender."

Gjoksi

Hello.
Only the anti-malware researchers at Bitdefender Labs can help you with the issue.
You should report the file(s) and/or the URL(s) as false positive to Bitdefender Labs here:
https://www.bitdefender.com/consumer/support/answer/29358/
You could also share the VirusTotal link of the scanned file(s) and/or the scanned URL(s) to the anti-malware researchers.
Regards.