Wireshark mailing list archives
Wireshark and TeslaCrypt
From: Rich Rauenzahn <rrauenza () gmail com>
Date: Thu, 3 Mar 2016 09:50:53 -0800
Hi,

I downloaded Wireshark a month or more ago to our Windows computer, but I think I didn't install it -- I think I had an older version already installed, and so left it as is in my Download folder.

This morning Malwarebytes detected the Wireshark installer (I believe it's the installer -- I'm getting this 2nd hand from home) as containing TeslaCrypt. (I've also downloaded the latest Wireshark installer here at work as well and it passes the scan.)

I think the binary was removed, not quarantined, but I'll check in more detail when I get home this evening. If I can find the actual binary, I could submit it to Malwarebytes for false positive verification.

I suspect it's a false positive, but it seems important enough that I ought to query here. Is it possible that Wireshark has TeslaCrypt signatures embedded in it for its own TeslaCrypt traffic detection?

Rich
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives: https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Wireshark and TeslaCrypt Rich Rauenzahn (Mar 03)
- Re: Wireshark and TeslaCrypt Graham Bloice (Mar 03)