The one that has 0/71 on VirusTotal. But apparently, you ran the file that I sent you? And the guy that owns the file has your stuff, bro.
Don't worry. Necessary steps were taken.
Just wondering if you are talking about the same hash of the sample, VT first submission: 2022-08-09
Yeah, this one. As @SecureKongo said, now MD users are protected from this one.
It wasn't detected by MD on execution for me, but 5 minutes later when I entered the folder, MD detected it as "Trojan:Win32/Bearfoos.A!ml".
So metadata/telemetry collected from my infected system helped MD AI/ML models to verify this as actual malware. This is the demonstration of post-infection detection that @Andy Ful has talked about many times on the forum. This detection won't show up on VirusTotal.
But new users are protected from this particular sample now via MD Cloud.
The sample is a cookie stealer based on what I saw it doing.