Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Meta
Merits 5 from 4 users
Re: Report Malware and Suspicious Links here so Mods can take Action !
by
nc50lc
on 10/10/2019, 04:19:30 UTC
⭐ Merited by Halab (2) ,morvillz7z (1) ,DroomieChikito (1) ,masulum (1)
A very important information for reporters:
Do not just paste the direct link to virustotal's url scanner as it will scan the host/server of that url instead of the file to be downloaded.
And apparently; when you paste mega.nz, it will always result with "CLEAN MX: Phishing" and "URLhaus: Malicious" regardless of the link.

Like for example (just MEGA's home URL):
https://www.virustotal.com/gui/url/71216ea7e98991af2c7f6226d581d2ba513e14cc585f8e8d0f6cf04bf112f755/detection
Same results, "CLEAN MX: Phishing" and "URLhaus: Malicious"

Another (safely reproduce-able) Example:
Try it with Electrum windows executable(s): https://electrum.org/#download <- It's safe but with false positives.
Copy the direct download link (https://download.electrum.org/3.3.8/electrum-3.3.8-setup.exe) and paste it to virustotal,
the result will be clean: VT URL Results. Virustotal didn't download the file in the link, it doesn't work that way.
But if you downloaded the file and uploaded to virustotal, there will be positives: VT uploaded result (v3.3.6) <- Again, false positives