Hi , Somebody sent me this file so I want to know if it is virus or not
[LINK REMOVED]
And what is its function? or what does it do?
I am afraid to test it.
Please remove or disable the live link to a suspect file, it puts others at risk (one which you don’t want to take).
e.g. hXXps://???.discordapp.com/attachments/374950791921926146/562385925674631188/Panzer.exe
Who sent it and why did they send it ?
Suspect files can be uploaded to VirusTotal.com for scanning and I have done that based on your url (which can be removed/modified as suggested) at first there were Zero detections and I then searched for its SHA-256 hash and that returned a result of 1 of 70 scanners see it as suspicious (see link below), not very conclusive .
Some advice, should someone you send you a file that:
- you weren’t expecting.
- you didn’t know who sent it.
- what its purpose is.
I would advice don’t take any risk deletion is probably best.
I requested from an admin on a discord server, an Auto Aim software -Called Panzer- for a game, not a virus, and its original size is 20 KB,
I didn’t expect that he was going to give me the software because he was an admin and he never posted cheats before, but then he gave me a link for it, I realized that its size was 8 KB , and it is not original, I had my doubts, and thought “What if it is an undetected spying file?” so I asked him lots of questions about the software, but he scanned it for me and said it is not a virus, so I scanned it with Anti Virus, even my anti virus didn’t detect it, so I decided to run it in a Sandbox, then a window appeared to me with one 1 button “do hax” but I didn’t click on it , I clicked on “X” to close the window of the software, so it started making another window instead of closing, every time I click on “X” to close the software, another window appears.
So I restarted MY PC and made and chose a “system restore” point so my PC comes back to look like nothing happened, I asked him about the “window problem”, he said: "oooh i know what you are seeing, well that is a side effect really, you need to live with that when you run panzer and the real panzer window appear behind it" and said" if it replicates, just keep closing it, it will work eventually"
And asked him what does “do hax” button do?, he said that I shouldn’t click on that, said he doesn’t remember its function, I told him to test it, he said why would I test it? and he refused to test it and said “i suppose its something stupid”.
And after that long discussion I didn’t download it again.
I am just afraid if he spies on my desktop even after choosing a system restore point.
He didn’t remove my doubts and I don’t know if that files is safe or not, so I came here to ask you if you can see this file is a virus or undetected spying file or something like that or not.
Thank You.
Well I’m not a gamer, so looking for or using cheats, etc. isn’t something that I do or am familiar with. I guess there is going to be an element of risk associate with this practice if it isn’t from a reputable company and how do you determine its potential risk.
System Restore is far from perfect, it doesn’t cover or restore everything (though windows 10s backup and creation of a system image is better).
VirusTotal does a reasonably good job with the multiple AV scanners scanning the file and the Details and Community sections of the Analysis can provide a little more detail.
Can you or any of Avast Team extract/analyse that file and see if it is dangerous or not?
First I’m an avast user like yourself not an Avast Team member. This isn’t really what avast do, normally it is files that are considered malicious that are uploaded to avast for analysis.
You can however manually add the file(you think is malicious but not detected) to the Virus Chest
From there you can upload the file for analysis.
Open the Virus Chest (Right click the Avast Tray Icon) - use the Add File… button once added to the chest and you can see the file in the Chest, click the … (three dots, menu options) to Send for analysis.
Other options
You can send file to Avira and you get result in mail https://analysis.avira.com/en/submit
Or F-Secure https://www.f-secure.com/en/web/labs_global/submit-a-sample
rember to tic the " I want to give more details about this sample and to be notified of the analysis results" if you want a reply