Advice Request Can anyone help me analyze if this file is safe?

[SumTingWong]

Download site for the app gui version: hxxps://deemix.app/gui/
Note: replace the xx with tt for https not hxxps.

homepage: hxxps://deemix.app/
Note: replace the xx with tt for https not hxxps

VirusTotal

VirusTotal

www.virustotal.com

I ran this on my desktop with shadow defender on and I don't see any suspicious activity at all from basic analyzing like looking through task manager and control panel for any unknown program drop. From virustotal.com, it looks clean. Can anyone run this and do further analyzing if this file is safe?

 

[Thiagoo]

Deemix had a source code repository which got taken down because of DMCA (as it download songs from Deezer)

From the VirusTotal sandbox analysis, I'd say it's safe to use.

 

[silversurfer]

I ran this on my desktop with shadow defender on and I don't see any suspicious activity at all from basic analyzing like looking through task manager and control panel for any unknown program drop. From virustotal.com, it looks clean. Can anyone run this and do further analyzing if this file is safe?

Just uploaded "deemix-gui Setup.exe" to analysis services:

3c325eaeacc486269d5eb48812181a5cba605869ca3daf82c1206b8a97fa1244 | Triage

Check this report malware sample 3c325eaeacc486269d5eb48812181a5cba605869ca3daf82c1206b8a97fa1244, with a score of 7 out of 10.

tria.ge

https://www.hybrid-analysis.com/sample/3c325eaeacc486269d5eb48812181a5cba605869ca3daf82c1206b8a97fa1244/60ce04911829ad40a42aed22

 

[SumTingWong]

Deemix had a source code repository which got taken down because of DMCA (as it download songs from Deezer)

From the VirusTotal sandbox analysis, I'd say it's safe to use.

oh

Just uploaded "deemix-gui Setup.exe" to analysis services:

3c325eaeacc486269d5eb48812181a5cba605869ca3daf82c1206b8a97fa1244 | Triage

Check this report malware sample 3c325eaeacc486269d5eb48812181a5cba605869ca3daf82c1206b8a97fa1244, with a score of 7 out of 10.

tria.ge

https://www.hybrid-analysis.com/sample/3c325eaeacc486269d5eb48812181a5cba605869ca3daf82c1206b8a97fa1244/60ce04911829ad40a42aed22

so is it safe?

 

[silversurfer]

so is it safe?

Looks like "safe" but we never know about any low reputation software, especially without valid digital signature...

 

[SumTingWong]

Looks like "safe" but we never know about any low reputation software, especially without valid digital signature...

if i run this in vm with vpn on then it should be safe?

 

[brambedkar59]

File seems safe. But no one one can be 100% sure until they can actually reverse engineer the code and read it.

Kaspersky Threat Intelligence Portal

Kaspersky Threat Intelligence Portal allows you to scan files, domains, IP addresses, and URLs for threats, malware, viruses

opentip.kaspersky.com

You should be fine running it in a VM.

 

[SumTingWong]

File seems safe. But no one one can be 100% sure until they can actually reverse engineer the code and read it.

Kaspersky Threat Intelligence Portal

Kaspersky Threat Intelligence Portal allows you to scan files, domains, IP addresses, and URLs for threats, malware, viruses

opentip.kaspersky.com

You should be fine running it in a VM.

running in vm with vpn on is good too?

What about running shadow defender inside a vm?

 

[Thiagoo]

running in vm with vpn on is good too?

What about running shadow defender inside a vm?

Late reply, but i don't think a file with this behavior and not detected by any AV would be able to do something like a sandbox escape. Only a VM or a VM w/ VPN is enough.