ssf icon indicating copy to clipboard operation
ssf copied to clipboard
verified publisher icon securesocketfunneling

ssf-win-x86_64-3.0.0.zip is a trojan

Open jtmoon79 opened this issue 4 years ago • 2 comments

The download ssf-win-x86_64-3.0.0.zip appears to be a trojan.

https://www.virustotal.com/gui/file/329748f6ea665d1c398cc09f19cee5784d5356eaf8a49988c069d4bffbca9f26/detection

jtmoon79 avatar Apr 05 '21 22:04 jtmoon79

False positive or not, a detection ratio of 46/67 on VirusTotal is a problem. It cannot be downloaded in Chrome nor in Firefox unless you force it. Even then, it does not stay long because it will be nuked by practically any decent antivirus.

If you manage to unzip it, the main offender seems upx-ssf.exe (VT detection ratio: 34/71): image UPX compression is popular among malware: https://www.esecurityplanet.com/threats/upx-compression-detection-evasion/

All of the executables get high VT detection ratios.

colemar avatar Nov 04 '24 14:11 colemar

It's 52/72 for just ssf.exe from ssf-win-x86_64-3.0.0.zip https://www.virustotal.com/gui/file/19ec3f16a42ae58ab6feddc66d7eeecf91d7c61a0ac9cdc231da479088486169

nebulous999 avatar Mar 17 '25 15:03 nebulous999