VIRUS IN ~ CANDLE ~ .EXE Are we surprised?

[LiteMine]

Candlecoin windows binary is infected, different hash than presented in their thread. I know there are false positives in wallets, but Malwarebytes just took about 10 virusues off my crashbox, it was previously clean.


rar:   HEUR/QVM03.0.Malware.Gen
https://www.virustotal.com/en/file/6dc0bbad7bf9fb63f8377045b9fa3bf268eace72f024592fbdb1eedd82f91f3e/analysis/1448121325/

.exe:    Dropper/Win32.Agent
https://www.virustotal.com/en/file/50aa309e434155d422b886a3be9aff9ab2d02f4916d804f5ca5f2c7e11f192ce/analysis/

[kondiomir]

https://www.virustotal.com/bg/file/24a4b22f96711ae297b986dfb5fedf930a234d2a44dc75a0afd8cbe49b18adf1/analysis/1448124355/


0 / 54

[Sir_Astral]

My wallet

CRC32: 6528049F
MD5: E78C0CC7CCD7802569501937495CAD1A
SHA-1: 2AEFBD873C35C3BA534653B3FA2705D54D1835A3

And yours?

[kondiomir]

MD5 e78c0cc7ccd7802569501937495cad1a
SHA1 2aefbd873c35c3ba534653b3fa2705d54d1835a3
SHA256 24a4b22f96711ae297b986dfb5fedf930a234d2a44dc75a0afd8cbe49b18adf1

[Sir_Astral]

OP has other checksum.

[ocminer]

It's a self mod topic... biiig Red flag

[Sir_Astral]

OP has other checksum.

This is exactly why we launched Steps Stay Safe, our online facility is there for miners and holders of new coins to make sure wallets is clean before you download it to your computer.

https://altcoinsteps.com/staySafe

Interesting. How do you check it? VM?

[samspaces]

OP has other checksum.

This is exactly why we launched Steps Stay Safe, our online facility is there for miners and holders of new coins to make sure wallets is clean before you download it to your computer.

https://altcoinsteps.com/staySafe

This is a really cool initiative! I'll check this out later when I have time.

[TillKoeln]

Are we surprised? 

ehm no ^^  thats why i prefer to compile the wallets on my own system

[kondiomir]

Just downloaded the wallet from the OP.

https://www.virustotal.com/bg/file/35845506d49504d9744e7abcee721951ca2baf3a5cd7a188706e8d64e98ed494/analysis/1448125705/

0/55

MD5 d13bdfd57d28108c5efea5562e69304d
SHA1 230bc9e3c8a151189167644a5d56210bc7ed2eb4
SHA256 35845506d49504d9744e7abcee721951ca2baf3a5cd7a188706e8d64e98ed494


Also checked wit HEX editor. Seems like no hidden exe there.


Note: seems like MD5 & SHA are different from initial qt-wallet.
Note2: Initial and present wallet are .zip @LiteMine wallet is .rar

[AltcoinSteps]

OP has other checksum.

This is exactly why we launched Steps Stay Safe, our online facility is there for miners and holders of new coins to make sure wallets is clean before you download it to your computer.

https://altcoinsteps.com/staySafe

Interesting. How do you check it? VM?

we do not download the .exe, we compile our from source and we add all new coins since lately 9 out of 10 have virus/trojan, but if you want to check/download the .exe better use WM or sandbox

[Sir_Astral]

Downloaded from Candle thread now, my wallet has same checksums.
Where OP has downloaded exe with different checksums?

[nikkers]

The file i got yesterday is clean too, and different checksum etc than op of this thread :S

not saying there's nothing hidden in it, i'm no expert, but malwarebytes and virustotal tell me mine is clean :S

ZIP
https://www.virustotal.com/en/file/35845506d49504d9744e7abcee721951ca2baf3a5cd7a188706e8d64e98ed494/analysis/1448126500/

QT
https://www.virustotal.com/en/file/24a4b22f96711ae297b986dfb5fedf930a234d2a44dc75a0afd8cbe49b18adf1/analysis/1448126126/

i'll hold off on installing it for now 

[Sir_Astral]

The file i got yesterday is clean too, and different checksum etc than op of this thread :S

not saying there's nothing hidden in it, i'm no expert, but malwarebytes and virustotal tell me mine is clean :S

ZIP
https://www.virustotal.com/en/file/35845506d49504d9744e7abcee721951ca2baf3a5cd7a188706e8d64e98ed494/analysis/1448126500/

QT
https://www.virustotal.com/en/file/24a4b22f96711ae297b986dfb5fedf930a234d2a44dc75a0afd8cbe49b18adf1/analysis/1448126126/

i'll hold off on installing it for now 

I have the same checksum.
OP is a troll.

[samsunk]

No surprise - I told them in thread beware of viruses with encryption can defeat av scanners

-samsunk

[lobat999]

Candlecoin windows binary is infected, different hash than presented in their thread. I know there are false positives in wallets, but Malwarebytes just took about 10 virusues off my crashbox, it was previously clean.


rar:   HEUR/QVM03.0.Malware.Gen
https://www.virustotal.com/en/file/6dc0bbad7bf9fb63f8377045b9fa3bf268eace72f024592fbdb1eedd82f91f3e/analysis/1448121325/

.exe:    Dropper/Win32.Agent
https://www.virustotal.com/en/file/50aa309e434155d422b886a3be9aff9ab2d02f4916d804f5ca5f2c7e11f192ce/analysis/

just run a new test. it seems clean though.

https://www.virustotal.com/en/file/24a4b22f96711ae297b986dfb5fedf930a234d2a44dc75a0afd8cbe49b18adf1/analysis/1448151472/

[Sir_Astral]

Click additional information from OP exe link.
14 Mb exe. OP is a troll.

[m4xp0w3r7]

Clean
https://www.virustotal.com/en/file/24a4b22f96711ae297b986dfb5fedf930a234d2a44dc75a0afd8cbe49b18adf1/analysis/1448151472/

[skeet]

Click additional information from OP exe link.
14 Mb exe. OP is a troll.

Nope, the dev purposely swap the original clean file with infected file from mega. How would I know? The exe file I downloaded at work was clean but when I redownloaded it again at home it was totally infected. It was on the same OP of the official thread.

[Sir_Astral]

Click additional information from OP exe link.
14 Mb exe. OP is a troll.

Nope, the dev purposely swap the original clean file with infected file from mega. How would I know? The exe file I downloaded at work was clean but when I redownloaded it again at home it was totally infected. It was on the same OP of the official thread.

I downloaded wallet since thread creation, then when this topic appears I redownloaded wallet and checksum the same... I don't know where you found another wallet, now seems thread does not exist anymore. So maybe it is dead.