Although I do agree that those AV names are, shall we say, 'less
reputable', I was only emailing for due diligence in that both FF and
Chrome flagged it as malicious.
Today's Topics:
- Credible warning of infected / trojaned X2go windows binary
(Josh Conway)
- Re: Credible warning of infected / trojaned X2go windows
binary (Stefan Baur)
Message: 1
Date: Fri, 28 Feb 2020 09:09:17 -0500
From: Josh Conway <jwcrawley@gmail.com>
To: x2go-user@lists.x2go.org
Subject: [X2Go-User] Credible warning of infected / trojaned X2go
windows binary
Message-ID: <CACxuvT5Pp7tSgc29tdeurqynrn=wwijRYJi_mb7_k7W6OVL=_g@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Greetings,
Upon downloading the file:
https://code.x2go.org/releases/binary-win32/x2goclient/releases/4.1.2.2-2020...
MD5 8b1ac4cb969d116c9303ab3fafe50a01
SHA-1 ce77b87fd972aa12c74bb36181371034b0bb051d
SHA-256 227857330e14cf88c88159c5439c914ce2e4170c7aa29149641d5df11d1745f0
Firefox *and* Google Chrome both throw errors for detected malware.
Running said file through Virustotal shows the 6 AV products' results:
Bkav: HW32.Packed.
Panda: PUP/RemoteAdmin
Trapmine: Malicious.moderate.ml.score
Webroot: W32.Ransom.Gen
Yandex: Trojan.Agent!RIMR9kcXEpU
Zillya: Trojan.Generic.Win32.1026149
I've attempted to ping people in the freenode #x2go irc room to no avail.
Josh Conway