B4J Question Virustotal.com reports B4J Desktop build "Test.exe" as Trojan Downloader

H

Hermann Knopp

New Member
Licensed User
i have used Product

Basic4Java Desktop Version "B4J"

latest Release from this
Download Site.

I installed all , Java 14 JDK
Java FX 14 and so on.

Now i have scanned my Test
App "Test1.exe" on
Virustotal.com Website
an 5 Virusscanners reported
this App (wich only
opens a window and a wait for a
button click).

One Scanner tells it is a Javascript JS.Downloader
Virus/Trojan, the others report malicious.

I have replaced the file ending with ".txt"
and looked into the file.

I have seen that there is som sort of
ASCII Grafics in there.
and if I deleted this ASCII Grafics
and scanned on Virustotal again
all Virusscanners reported a clean File !!!

Can you analyze this for me and give
me a answerer how to get ride of this
Problem?

Thank you, very much
Greetings

Hermann Knopp
Austria
 

Attachments

  • Screenshot (1275).png
    Screenshot (1275).png
    165.6 KB · Views: 56
  • Screenshot (1276).png
    Screenshot (1276).png
    166.2 KB · Views: 51
  • test1.exe.txt
    92.5 KB · Views: 45
Sort by date Sort by votes
BlueVision

BlueVision

Active Member
Licensed User
Longtime User
Dear Hermann, Without having done any further research, I have the following guess: Modern virus or Trojan scanners use heuristic methods to search for suspicious code groupings within files rather than directly for malicious code. Hundreds of programmers worldwide use B4J and the codes and products generated by the software. It is very unlikely that in your case it is a real virus or Trojan, as you have proven to yourself by changing the file. We all got the B4J program code (hopefully) from the official Anywhere Software site. I am sure that appropriate measures have been taken there to prevent the spread of malware. Actually, the Trojan or virus should have spread worldwide since the last update... A certain signature in the "unprocessed" file appears suspicious to the scanners. Since all scanners basically look for the same suspicious code, all scanners also report a Trojan or virus.

Und nochmal in Deutsch:

Lieber Hermann,
ohne jetzt weiter nachgeforscht zu haben, habe ich folgende Vermutung:
Moderne Viren- oder Trojanerscanner suchen mittels heuristischer Methoden nach verdächtigen Codegruppierungen innerhalb von Dateien und weniger direkt nach einem schadhaften Code. Hunderte von Programmierern weltweit nutzen B4J und die durch die Software erzeugten Codes und Produkte. Es ist sehr unwahrscheinlich, dass es sich in Deinem Fall um einen wirklichen Virus oder Trojaner handelt, wie Du Dir ja durch die Veränderung der Datei selbst bewiesen hast. Wir haben alle den B4J- Programmcode (hoffentlich) über die offizielle Seite von Anywhere Software bezogen. Ich bin mir sicher, dass dort geeignete Massnahmen getroffen wurden, um eine Verbreitung von Schadsoftware zu verhindern. Eigentlich müßte sich dann der Trojaner oder Virus mittlerweile weltweit ausgebreitet haben seit dem letzten Update...
Eine gewisse Signatur in der "unbehandelten" Datei kommt den Scannern verdächtig vor. Da alle Scanner prinzipiell nach dem gleichen verdächtigen Code suchen, melden auch alle Scanner einen Trojaner oder Virus.
 
Upvote 0
You must log in or register to reply here.

Similar Threads

Mashiane
SithasoDaisy: Mashy Teaches TailwindCSS using b4x (with eBook)
4 5 6
Replies
105
Views
15K
Mashiane
Mashiane
cjpryor
  • Question
B4J Question Any issues with VirusTotal flagging your .exe files?
Replies
2
Views
608
cjpryor
cjpryor
Mashiane
Mashy Teaches WebApp/Website Development with BANanoVuetifyAD3 - The New Series
7 8 9
Replies
163
Views
42K
Mashiane
Mashiane
DarkoT
  • Question
B4J Question Desktop App with JasperLibrary - barcode problem
Replies
5
Views
2K
DarkoT
DarkoT
MichalK73
  • Question
B4J Question Virus in app B4J (Java:Agent-IGU [Trj]) ??
Replies
4
Views
1K
Rubsanpe
Rubsanpe
Top