Free | Malwarebytes Premium
RE: Free | Malwarebytes Premium - cyberchron - 06-17-2020

I think this could just be a problem with the current version of the software. I think they probably patched it. A lot of the packs I've seen for this aren't above version 3.7 (ish). I'm gonna download an old version and try to verify this when I have the time.

Here is a repack of 3.8:
https://rapidgator.net/file/0abf4e87f963ec396f9b543f51f3f694/mwlebmaar14112.rar.html

Analysis of the file:
https://www.joesandbox.com/analysis/239442/0/executive
https://www.joesandbox.com/analysis/239442/0/pdf

It reported being malicious but I didn't see anything that looked too out of the ordinary. I think it just reported so because of the behaviour of the repack. I tested it and it's working.

RE: Free | Malwarebytes Premium - mothered - 06-18-2020

(06-17-2020, 11:38 PM) cyberchron Wrote: It reported being malicious but I didn't see anything that looked too out of the ordinary

The only thing that's of concern is this:

Quote: Contacts 1 domain/IP

It may well be contacting their official servers for licensing/software update purposes, but if this is the case, I don't see why it's flagged as malicious.

RE: Free | Malwarebytes Premium - cyberchron - 06-18-2020

(06-18-2020, 06:19 AM) mothered Wrote:
  (06-17-2020, 11:38 PM) cyberchron Wrote: It reported being malicious but I didn't see anything that looked too out of the ordinary
  The only thing that's of concern is this:

That's kind of what I thought as well, but this is what it connects to lol so I dunno. I don't know enough about this stuff to make an informed call. I installed it regardless so perhaps I'm a zombie now. Feed me data.

PTR IP: 3.8.3.29 - Amazon.com, Inc. (AS16509) ec2-3-8-3-29.eu-west-2.compute.amazonaws.com

OK, maybe I read that log wrong.... Is that the IP because it happens to be the version number of the Malwarebytes hahaha, so I dunno if it's also just a false readout of some kind or I'm reading this stuff all wrong.

RE: Free | Malwarebytes Premium - mothered - 06-18-2020

(06-18-2020, 06:26 AM) cyberchron Wrote:
  (06-18-2020, 06:19 AM) mothered Wrote:
    (06-17-2020, 11:38 PM) cyberchron Wrote: It reported being malicious but I didn't see anything that looked too out of the ordinary
    The only thing that's of concern is this:

Under (AS16509), there's over 10 million domains hosted and 33+ million IP addresses. It could be legit, but until it's analyzed, can't say for sure.

RE: Free | Malwarebytes Premium - cyberchron - 06-18-2020

(06-18-2020, 06:50 AM) mothered Wrote:
  (06-18-2020, 06:26 AM) cyberchron Wrote:
    (06-18-2020, 06:19 AM) mothered Wrote: The only thing that's of concern is this:

No, but like, look at the IP address.... and look at the version of this Malwarebytes, is what I'm saying. They are the same. I highly doubt some hacker just managed to get a server address that's the same as the Malwarebytes version. Seems super strange to me.

IP = 3.8.3.29 && Malwarebytes Version # = 3.8.3.2965

So I mean, coincidence?

RE: Free | Malwarebytes Premium - mothered - 06-18-2020

(06-18-2020, 07:14 AM) cyberchron Wrote:
  (06-18-2020, 06:50 AM) mothered Wrote:
    (06-18-2020, 06:26 AM) cyberchron Wrote: That's kind of what I thought as well, but this is what it connects to lol so I dunno. I don't know enough about this stuff to make an informed call. I installed it regardless so perhaps I'm a zombie now. Feed me data.

I've understood this right from the get-go. I'm the type who delves into every intricate detail, prior to making a decision on a given commodity.

RE: Free | Malwarebytes Premium - cyberchron - 06-18-2020

(06-18-2020, 07:34 AM) mothered Wrote:
  (06-18-2020, 07:14 AM) cyberchron Wrote:
    (06-18-2020, 06:50 AM) mothered Wrote: Under (AS16509), there's over 10 million domains hosted and 33+ million IP addresses.
  I've understood this right from the get-go.

Fair enough m8, sorry for implying you weren't all there. Didn't mean to offend. But since you noticed that too, like, what are the odds of that being legit?

Could the repack just put some information somewhere causing it to act like a connection or give out the reading of one, or would that have to be intentional? And is there a scenario in which people would straight up go out of their way to get a domain on a server that matches a version number just to create this type of confusion? Or I guess Malwarebytes could have their reg server there maybe?

I think I should get a legit copy and run it through that system and see what it outputs. I am so friggen intrigued by this hahahaha. Sorry for the million messages. I'm asking purely from an educational standpoint because I don't know.
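
One way to test the "false readout" idea raised in the thread, as an added example that is not part of the original posts and says nothing about how the sandbox actually produced its result: an IPv4 pattern without boundary checks matches the first part of a four-field version number such as 3.8.3.2965, so each candidate is marked as standalone or as a fragment of a longer dotted number. The sample strings and the `triage` helper are constructed for illustration.

```python
import re

OCTET = r"(?:25[0-5]|2[0-4]\d|1?\d?\d)"
# Naive pattern: no boundary checks, so it can match inside a longer dotted number.
NAIVE_IPV4 = re.compile(rf"{OCTET}(?:\.{OCTET}){{3}}")

# Constructed sample strings (not taken from the sandbox report).
SAMPLE_STRINGS = [
    "ProductVersion 3.8.3.2965",
    "connect 3.8.3.29:443",
    "resolver 192.0.2.10.",
]


def triage(strings, product_version=None):
    """Return one finding per naive IPv4 match, flagging likely false indicators."""
    findings = []
    for text in strings:
        for m in NAIVE_IPV4.finditer(text):
            before = text[m.start() - 1] if m.start() > 0 else ""
            tail = text[m.end():m.end() + 2]
            # A fragment is glued to more digits or dotted fields on either side.
            fragment = (
                before.isdigit() or before == "."
                or tail[:1].isdigit()
                or (tail[:1] == "." and tail[1:2].isdigit())
            )
            findings.append({
                "ip": m.group(0),
                "source": text,
                "fragment": fragment,
                # True when the candidate is a textual prefix of the product version.
                "version_prefix": bool(product_version)
                and product_version.startswith(m.group(0)),
            })
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_STRINGS, product_version="3.8.3.2965"):
        print(f)
```

A candidate flagged as a fragment came out of a longer number and is not evidence of a connection by itself; a standalone match that is also a version prefix still needs confirming against the report's network capture.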