- Mar 15, 2017
- 210
@Tigzy The detection as keylogger for Winja, phrozen.io, is a false-positive, or not?
Winja v5.1 - Phrozen
https://www.reverse.it/sample/9125a...c90a10501c4980f06395/5c7ca8760388382a0f9f1f19
Not sure about this Threat Description - Adlice Software
I saw that the developer of Winja probably made a keylogger, but also other things I think?
Thank you.
Hey, no it's not. We are aware here's a great dev and such, but still this is a keylogger and having it installed on a machine may be for bad purposes so we've chosen to detect. You can add exclusion if you want
EDIT: I see what you mean, we'll try to modify the rule to only detect Keylogger.