DiscordMediaLoader icon indicating copy to clipboard operation
DiscordMediaLoader copied to clipboard

Published 20 hours ago verified publisher icon Serraniel

Ransomware Detected

Open aminiqmal39 opened this issue 3 years ago • 2 comments

I'm using Malwarebytes Anti-Ransomware Beta Security and while using Discord Media Loader. Suddenly, Malwarebytes software detect ransomware attack from the Discord Media Loader itself and immediately quarantine the software. Does the attack come from media that i'm download from discord or your software?

Ransomware

aminiqmal39 avatar Feb 25 '22 10:02 aminiqmal39

It seems like malwarebytes is detecting the executable as a false positive. I tried running it through virustotal and malwarebytes is one of two vendors (out of 69) which flag the tool as malicious. https://www.virustotal.com/gui/file/da8a01781f74fdddcae9eadf716ef0e05f65de103b74a1d44e3a4e44f4fa44cf/detection

Do you know if there is something as a log or detailed information in the software which you could provide? It may help to understand why this happens.

A possible reason I could think of is because the tool, when downloading and saving, does a lot of IO operation and writing files to drive which they mind find suspiscious.

I also find it kind of weird they flag the executable itself, cause it does basically nothing. It only contains the splash screen and update routine via Github releases, the Application logic itself is deployed in the dlls.

Serraniel avatar Feb 27 '22 12:02 Serraniel

Thank you for responds. The problem didn't happen anymore or not yet, maybe the media i'm downloading contains ransomware. i guess.

Here log file. I don't know if it help much

Full Version MBAMSERVICE.LOG

Medium Version MBAMSERVICE.LOG

Short Version MBAMSERVICE.LOG

Thank you for your work.

aminiqmal39 avatar Feb 28 '22 21:02 aminiqmal39