Mudfish 5.2.5 setup file triggers window's Trojan Win32/Hyamer.B!ml warning

image

3 Likes

I just got this warning too. Installed 5.2.5 last night without any warnings. But today virus definitions updated and immediately detected/quarantined the same Trojan identified here. Would appreciate some input on whether this was a false positive, or something else going on.

I submitted one of the relevant detected files mentioned here and in the detection alert my machine raised (mudflow.exe) to hybrid analysis and this was the report, overall assessed as malicious, but looking at many of the reasons such as contacting multiple countries etc I can understand why this may still be a false positive so would be good to have a developer response to this to clarify.

The overview report:
https://www.hybrid-analysis.com/sample/6444da5c816b77e18c950ba8baf90362bd550ccbd73170cbf9955459c8581672

And sandboxed breakdown of relevant indicators assessed:
https://www.hybrid-analysis.com/sample/6444da5c816b77e18c950ba8baf90362bd550ccbd73170cbf9955459c8581672/5f746e10c1f9f87f88602c68


I checked it on VirusTotal, and only 3 / 67 are detecting anything wrong with it, so it’s PROBABLY a false positive. Anyone able to verify they had no issues after installing it anyway?

I tried both the latest version and the 5.1 one and they both come up with backdoor/trojans. Went and installed 4.5 and that one comes up as clean. I don’t know why the newest ones have this in them but I’m gonna just stick to the older versions until they resolve this :confused:

Same thing here with 5.2.5 after getting the prompt to update a day ago.

The interesting thing is that I just went to the site to try and download the latest version again and it’s no longer the 5.2.5 but instead the 5.2.4…

Kinda getting weary of this program now, the last two updates had this same trojan pop up?

First sorry for this inconvenience. We performed the virus test for this release via VirusToal but it seems it’s a false positive from Windows Defender. :frowning: Please check https://www.virustotal.com/gui/file/ccd3a308a03813191c251f55f92e36ceff5554d3421e1c453d46e1472d31fd4f/detection link for details.

According to the result, it says that mudflow.exe process includes a trojan but frankly I don’t have any idea why they think it. Because I’m a developer of mudfish program (include mudflow.exe), I can say that there’s no big changes and most of changes are related with fixing crashes and small improvement…

As a workaround at this moment, please visit http://mudfish.net/releases/ link and try to use the previous stable version v5.2.4. I’d reverted the latest change to v5.2.4 so the download link should point the previous stable.

This topic was automatically closed after 21 days. New replies are no longer allowed.