cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
HoangCuong
Level 7
Report Inappropriate Content
Message 1 of 5
‎12-31-2020 01:26 AM

identify ExtraDAT version

Please define for me the version of ExtraDAT covered the sample below in service requests 4-21556909221. MD5 e31ab9388cbaa8750516d38088dddbb0 SHA-1 d190aea4ac58975d98e657674ae6a80cba5c6b08 SHA-256 af6cb7f9aaa2e1cff577888164f689c4bdb62490bd78915595d7fdd6462d09c4
0 Kudos
Reply
4 Replies
yaz
Employee
Employee
Report Inappropriate Content
Message 2 of 5
‎12-31-2020 01:38 AM

Re: identify ExtraDAT version

Hi @HoangCuong 

Thanks for reaching out to community.

From the details of the hash, I see this is covered and detected as "BackDoor-PlugX!E31AB9388CBA ".

I see you have raised SR as MALWARE submission that goes to labs.

I request you to reach out to us as normal submission mechanism so that we can check details accordingly. 

Was my reply helpful?

If yes, please give me a Kudo. If this resolves your query, Kindly Mark this as solution so that together we help other community members.

0 Kudos
Reply
yaz
Employee
Employee
Report Inappropriate Content
Message 3 of 5
‎01-03-2021 06:29 PM

Re: identify ExtraDAT version

Hi @HoangCuong 

This file does not show any malicious behavior on the sandboxing.

We dont have detection for this file. 

Kindly let me know if you have any further queries. 

Was my reply helpful?

If yes, please provide me with a kudo. If I have answered your query, then kindly mark this as solution so that together we help other community members 

0 Kudos
Reply
HoangCuong
Level 7
Report Inappropriate Content
Message 4 of 5
‎01-04-2021 10:50 PM

Re: identify ExtraDAT version

Hi @yaz,

Please extract this file with winrar and try analysis again.

I my case, The malware was detected and blocked by ATP. However, I want to update ExtraDAT to automatically remove this file on the system.

0 Kudos
Reply
yaz
Employee
Employee
Report Inappropriate Content
Message 5 of 5
‎01-05-2021 08:05 PM

Re: identify ExtraDAT version

Hi @HoangCuong 

I request you to open an SR in this regards so that we can see what is the root cause. 

 

0 Kudos
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use our Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from product experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by employees.
Join the Community
Join the Community

TrellixSkyhigh Security | Support Trellix.com SkyhighSecurity.com

Legal Privacy Copyright © 2023 Musarubra US LLC