Thank you for the rapid response, Stefan Baur,
Although I do agree that those AV names are, shall we say, 'less reputable', I was only emailing for due diligence in that both FF and Chrome flagged it as malicious.
Thank you for addressing my concerns,
Josh Conway
On Fri, Feb 28, 2020 at 9:32 AM <x2go-user-request@lists.x2go.org> wrote:
Today's Topics:
- Credible warning of infected / trojaned X2go windows binary (Josh Conway)
- Re: Credible warning of infected / trojaned X2go windows binary (Stefan Baur)
Message: 1
Date: Fri, 28 Feb 2020 09:09:17 -0500
From: Josh Conway <jwcrawley@gmail.com>
To: x2go-user@lists.x2go.org
Subject: [X2Go-User] Credible warning of infected / trojaned X2go windows binary
Message-ID: <CACxuvT5Pp7tSgc29tdeurqynrn=wwijRYJi_mb7_k7W6OVL=_ g@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Greetings,
Upon downloading the file:
https://code.x2go.org/releases/binary-win32/x2goclient/releases/4.1.2.2-2020...
MD5 8b1ac4cb969d116c9303ab3fafe50a01
SHA-1 ce77b87fd972aa12c74bb36181371034b0bb051d
SHA-256 227857330e14cf88c88159c5439c914ce2e4170c7aa29149641d5df11d1745f0
Firefox *and* Google Chrome both throw errors for detected malware.
Running said file through VirusTotal shows the 6 AV products' results:
Bkav: HW32.Packed.
Panda: PUP/RemoteAdmin
Trapmine: Malicious.moderate.ml.score
Webroot: W32.Ransom.Gen
Yandex: Trojan.Agent!RIMR9kcXEpU
Zillya: Trojan.Generic.Win32.1026149
I've attempted to ping people in the freenode #x2go irc room to no avail.
Josh Conway