- Mar 28, 2019
- 561
I was on Malware Hub seeing the VirusTotal page and Kaspersky pop up with this, why that happened? Someone knows why?
Download blocked, Object detected.
Please provide comments and solutions that are helpful to the author of this topic.
Looks like the hash/VT link of my latest sample #QbotI was on Malware Hub seeing the VirusTotal page and Kaspersky pop up with this, why that happened? Someone knows why?
Download blocked, Object detected.
Every time I update the page:Looks like the hash/VT link of my latest sample #Qbot
Kaspersky detection on your screenshot is the same than on VT:
HEUR:Trojan.PowerShell.Generic
Weird, that block still happening or just once before?
I'm not logged in, it's for logged users only or only on paid version?Do you have VT intelligence and can see the content tab?
Because that shows the malicious powershell string. I assume they see that string in the browser. It's an FP in the sense that it detects the string in the wrong context.
View attachment 244680
Yes, but I didn't know why this is showing to me if I not have such account. Maybe it's hidden?They should easily be able to replicate the FP by just browsing the same VT page while logged in with an Intelligence account.
In that case I am not sure what is causing this. Without the paid version you cannot see the file contents.I'm not logged in, it's for logged users only or only on paid version?