zaggynl Posted September 3, 2014 The binary from http://www.time4popcorn.eu/PopcornTime-latest.exe?cb=1 appears to install echo.exe and echo.dll to %appdata%/Popcorn Time which are only detected by SaS as keyloggers as per: https://www.virustotal.com/en/file/e18452f76c86f9215316db61dfcbd50fb82ae31fd679590e022a78968b608ef8/analysis/1409635544/ https://www.virustotal.com/en/file/e18452f76c86f9215316db61dfcbd50fb82ae31fd679590e022a78968b608ef8/analysis/1409635544/ Can anyone with the proper resources and abilities verify if they do contain a keylogger? Share this post Link to post Share on other sites
SAS Malware Research Posted September 3, 2014 Hello zaggynl, This looks to be a false detection. I have adjusted the definition database, and this file should no longer be detected as of version 11479 (which should be released within the next few hours). Please let us know if you have any other questions or concerns, SUPERAntiSpyware Malware Research Share this post Link to post Share on other sites
zaggynl Posted September 4, 2014 Hello zaggynl, This looks to be a false detection. I have adjusted the definition database, and this file should no longer be detected as of version 11479 (which should be released within the next few hours). Please let us know if you have any other questions or concerns, SUPERAntiSpyware Malware Research Thank you! Share this post Link to post Share on other sites