Question Hi, please is this file malicious?

[fedor345]

Hi, I found this zip. File for a game that's not available anymore. I would like to know before executing it if it's clean or not. If someone would be so kind and check it out for me. on virus total it looks like false positive and on hybrid analysis it shows some detections.
Reddit link:

 

[Wrecker4923]

You can post the links to VirusTotal and Hybrid analysis, and let other people weigh in or decide if they want to download a potential malware or not.

 

[Parkinsond]

VirusTotal

VirusTotal

www.virustotal.com

Kaspersky Threat Intelligence Portal

Kaspersky Threat Intelligence Portal allows you to scan files, domains, IP addresses, and URLs for threats, malware, viruses

opentip.kaspersky.com

Safeweb

safeweb.norton.com

This link is almost not flagged.
You may download; if it is not a self-extracting compressed file (with exe extension), it is safe to extract, but do not run any of its content.
After extraction, upload its executable files (with exe and dll extensions) for check using the websites I have posted above.

 

[Zero Knowledge]

Upload to virus total as Parkinsond said.

How old is the reddit user who posted it? Long time member more likely safe, brand new more likely malicious.

 

[fedor345]

this is extracted file "epic.exe" uploaded on :
virus total: https: //www.virustotal.com/gui/file/534b3263e5ce5dc9f9ac23d8e8598fe08098a26e90e5fc63000cf89a6be6aed1/detection
hybrid analysis: Free Automated Malware Analysis Service - powered by Falcon Sandbox
kaspersky: https: //opentip.kaspersky.com/534B3263E5CE5DC9F9AC23D8E8598FE08098A26E90E5FC63000CF89A6BE6AED1/results?tab=upload

 

[Parkinsond]

hybrid analysis: Free Automated Malware Analysis Service - powered by Falcon Sandbox

According to hybrid analysis, it is better to avoid; still could be a FP considering it is okay on VT and KTIP.

 

[fedor345]

okay then thx a lot.

 

[Parkinsond]

okay then thx a lot.

You are welcome; stay safe.

 

[Wrecker4923]

According to hybrid analysis, it is better to avoid; still could be a FP considering it is okay on VT and KTIP.

This message is not for you, @fedor345.

Honestly, based on VT, I would have thought it was okay. Based on VT and Hybrid Analysis, I would have thought Hybrid Analysis was a false positive because I've seen more of these on legitimate software. Given the type of software (an unofficial game that is no longer available officially), I would have stayed miles away, as this is a typical malware lure.

 

[Parkinsond]

This message is not for you, @fedor345.

Honestly, based on VT, I would have thought it was okay. Based on VT and Hybrid Analysis, I would have thought Hybrid Analysis was a false positive because I've seen more of these on legitimate software. Given the type of software (an unofficial game that is no longer available officially), I would have stayed miles away, as this is a typical malware lure.

Some cracks, including embedded game cracks, are labeled malicious by several AVs (the way they work masquerade malware), so you cannot tell for sure it is malware or not.
But I prefer to follow "better safe than sorry).