ClamAV detects malicious Win.Packed.Jalapeno-10036400-0 signature #469
Comments
nmschulte-aviture
changed the title
|
I'm guessing that some malicious program uses ImageResizer and it got flagged as part of the problem? Is this the same the digest of the file on NuGet? |
This is not the case, at least in my understanding.
Yes, this is
|
|
All binaries are built on CI and tagged with a Git commit, this one was
built on AppVeyor. I doubt there was a supply chain attack on them.
I've seen a lot of false positives over there years; does that vendor have
a reporting tool?
…On Tue, Oct 1, 2024, 6:16 AM nmschulte-aviture ***@***.***> wrote:
I'm guessing that some malicious program uses ImageResizer and it got
flagged as part of the problem?
This is not the case.
Is this the same the digest of the file on NuGet?
Yes, this is imageresizer.4.2.8.nupkg/lib/net45/ImageResizer.dll (
https://www.nuget.org/api/v2/package/ImageResizer/4.2.8).
sha256sum imageresizer.4.2.8.nupkg
7dba7a294cd3511ac07e88cbb55e11b7460db57c309b9b712433c67dbbced1fa
imageresizer.4.2.8.nupkg
—
Reply to this email directly, view it on GitHub
<#469 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAA2LH7Z7JISVML7XZH3W7TZZKHDDAVCNFSM6AAAAABPEGWTOOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGOBVGYZDEMRSGA>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
|
false positives can be reported to ClamAV here: https://www.clamav.net/reports/fp note that VirusTotal is also reporting that "Google" detects this as well |
https://www.virustotal.com/gui/file/0b882a5736399df5f47fbb75785bb2bdfd43ca243c29031adb97854be9528598
MD5
e390de07942c035b20e62d7e9194b04f
SHA-1
b40e1890f064e7dba235158424b4e61de03f2c19
File Version
4.2.8.1168
The text was updated successfully, but these errors were encountered: