Jump to content

suspicious dashost.exe rootkit? no av detection


Recommended Posts

hello eset community and respective administrator i am having trouble analyzing my dashost.exe file it was not tag by any antivirus as malware but when i run it on hybrid analysis.com it was tagged as rootkit and suspicious also it does not have any digital signature in it is this fine or is my pc got infiltrated i am sending a sample to eset of the file hoping i will get a response.

 

here is the file @ https://file.io/9aS5vWwaQwPo

Link to comment
Share on other sites

  • Administrators

The file is no longer available. Please do not post link to potentially malicious files which could harm users if downloaded and run. Instead submit suspicious files to samples[at]eset.com in an archive protected with the password "infected".

Link to comment
Share on other sites

  • Administrators

If you submit  the sample to ESET, we can check it out. A screenshot is not enough and manually transcribing the SHA256 would be tedious.

Link to comment
Share on other sites

9 minutes ago, Marcos said:

If you submit  the sample to ESET, we can check it out. A screenshot is not enough and manually transcribing the SHA256 would be tedious.

i wonder why my pc dashost is not digitaly signed?

Link to comment
Share on other sites

To get to the bottom of this, I submitted dashost.exe from my Win 10 x(64) build to Hybrid-Analysis. I received the same suspicious detection as shown in the previous posted screen shot. In other words, it is a false positive detection.

As far as the regedit.exe detection by filescan.io, I have no idea what file you actually submitted, or if the file was actually submitted to the legit filescan.io web site.

Unwarranted software paranoia I believe is being manifested here.

Link to comment
Share on other sites

  • Most Valued Members

I'm curious why you are scanning these on multiple sites in the first place. The problem is anything has the potential to flag as suspicious, but the fact no AVs are detecting them looks like these suspicious flags are false positives 

Link to comment
Share on other sites

@itman i run and want to test my windows files after a html trojan is detected by my eset and after checking that my pc windows files has no digital signature by the way i am running a crack game/program that i set my eset hips to block modification.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...