Advice Request Kaspersky came up with this today

Please provide comments and solutions that are helpful to the author of this topic.
franz

franz

Level 10
Thread author
Verified
Well-known
May 29, 2021
464
2,588
869
Kaspersky came up with this today, has anyone experienced this before?

Incident: Legitimate software was discovered that criminals can use to damage a computer or personal data. User: LINUX \ Linux Type of user: Active user Program Name: brave.exe Program Path: C: \ Program Files \ BraveSoftware \ Brave-Browser \ Application Component: Web Antivirus Result description: Discovered Type: Cause: Contains adware, automatic dialing, and legitimate software that criminals can use to harm your computer or your personal data Name: not-a-virus: HEUR: AdWare.Script.Pusher.gen Precision: Partly Threat level: Medium Object type: File Object name:? Te = mrstmmdcge5ha3ddf4ztsmrt Object path: https://us05.biz MD5: F0369AEED2D8E758F128D6375D857963 Cause: Expert analysis Release date for databases: Today, 14.06.2022 09:39:00

Event: Download rejected User: LINUX \ Linux Type of user: Active user Program Name: brave.exe Program Path: C: \ Program Files \ BraveSoftware \ Brave-Browser \ Application Component: Web Antivirus Result description: Blocked Type: Cause: Contains adware, automatic dialing, and legitimate software that criminals can use to harm your computer or your personal data Name: not-a-virus: HEUR: AdWare.Script.Pusher.gen Precision: Partly Threat level: Medium Object type: File Object name:? Te = mrstmmdcge5ha3ddf4ztsmrt Object path: https://us05.biz MD5: F0369AEED2D8E758F128D6375D857963 Cause: Expert analysis Release date for databases: Today, 14.06.2022 09:39:00
Click to expand...
 
Last edited by a moderator:
  • Like
Reactions: Dave Russo
Seems like it did its job, the detection name being "adWare.Script.Pusher.gen" seems like it was some kind of pop up or redirects to other sites.
 
  • Like
Reactions: Dave Russo
The detection of the OP is an Heur detection.

I just got this:
Hello,

The specified URL was added to our blocklist.
Thank you for your help.

Best regards, V. B., Malware Analyst
39A/3 Leningradskoe Shosse, Moscow, 125212, Russia Tel./Fax: + 7 (495) 797 8700 Kaspersky Cyber Security Solutions for Home & Business | Kaspersky Securelist | Kaspersky’s threat research and reports
Kaspersky Threat Intelligence Portal - get insights about suspicious files, hashes, URLs, IP addresses or domain names
Click to expand...
 
  • Like
  • +Reputation
Reactions: roger_m, Berny, Trooper and 2 others

You may also like...