10-06-2022, 07:26 PM
Probably a false positive, I know heuristic scanners can yield false results (but attackers also say their software is a false positive). Thought I'd throw this up here in case anyone else sees it too.
My RoboDk.exe is:
version: v5.5.1.22568 (2022-09-18)
SHA256: f484bb0cd42dd069de3af4106c862acc3cee1501bc53bd93680f755cbb47c62e
RoboDK seems reputable, I saw nothing wrong with the *.ini files it was complaining about. Curiously, they did contain a large ByteArray. I'm not sure how this works, but maybe it saw some bytes it didn't like. I am not super familiar with this Acronis backup utility, especially as AV. Nothing looked out of place, though my malware analysis XP is lower than it used to be these days, and threats are more sophisticated and well-funded than ever. We did find a RAT lurking on a mass storage device that was supposed to be empty and new in box (albeit it wasn't).
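For anyone wanting to look at such a flagged ByteArray themselves, here is an added triage example (not part of the original post and not RoboDK or Acronis code). It assumes the *.ini files use Qt's QSettings `@ByteArray(...)` escaping, which the post does not confirm; the function names and the sample file are hypothetical and constructed for illustration.

```python
import math
import re
from collections import Counter

# Constructed sample, not taken from the poster's files.
SAMPLE_INI = r'''[MainWindow]
geometry=@ByteArray(\x1\xd9\xd0\xcb\0\x3\0\0\0\0\x2\x80)
recent=plain text value
blob=@ByteArray(MZ\x90\0\x3\0\0\0)
'''

# File signatures that would be unusual at the start of a settings blob.
MAGIC = {b"MZ": "PE/DOS executable", b"\x7fELF": "ELF executable",
         b"PK\x03\x04": "ZIP archive", b"%PDF": "PDF document"}
_SIMPLE = {"a": 7, "b": 8, "f": 12, "n": 10, "r": 13, "t": 9, "v": 11}
_HEX = re.compile(r"\\x([0-9a-fA-F]+)")
_OCT = re.compile(r"\\([0-7]+)")
_ENTRY = re.compile(r'\s*([^=;#\[]+?)\s*=\s*"?@ByteArray\((.*)\)"?\s*$')

def decode_bytearray(text):
    """Simplified decoder for the escaped body of an @ByteArray(...) value."""
    out, i = bytearray(), 0
    while i < len(text):
        m = _HEX.match(text, i) or _OCT.match(text, i)
        if m:  # \x<hex digits> or \<octal digits>, read greedily
            base = 16 if text[i + 1] == "x" else 8
            out.append(int(m.group(1), base) & 0xFF)
            i = m.end()
        elif text[i] == "\\" and i + 1 < len(text):  # \n, \t, \\, ...
            out.append(_SIMPLE.get(text[i + 1], ord(text[i + 1]) & 0xFF))
            i += 2
        else:  # ordinary character stored as-is
            out.append(ord(text[i]) & 0xFF)
            i += 1
    return bytes(out)

def shannon_entropy(data):
    """Bits per byte; values near 8 suggest compressed or encrypted data."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def triage_ini(ini_text):
    """Report size, entropy and leading file signature of each ByteArray."""
    findings = []
    for line in ini_text.splitlines():
        m = _ENTRY.match(line)
        if not m:
            continue
        raw = decode_bytearray(m.group(2))
        kind = next((n for sig, n in MAGIC.items() if raw.startswith(sig)), None)
        findings.append({"key": m.group(1), "size": len(raw),
                         "entropy": round(shannon_entropy(raw), 2), "magic": kind})
    return findings

if __name__ == "__main__":
    for finding in triage_ini(SAMPLE_INI):
        print(finding)
```

A blob with no known file signature and low entropy is consistent with ordinary serialized settings; these checks are heuristics and do not prove a file is clean.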