cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Help identifying a malware program that's been marked as such by McAfee

Hi. I was wondering if anyone could help me out or point me in the right direction regarding a malware program that is a trojan horse designed mostly for macOS. The bundled app and a number of it's files have been detected as malware (OSX Genieo and PUA.OSX mostly) by McAfee and a number of other av companies according to VirusTotal. However it seems like the developer releases new versions frequently that I'm assuming will have a different checksum or have somehow hidden the indicators listed by VirusTotal in previous reports that have detected the program as malware.

In addition to this I have plenty of evidence the program is malware, including it making a lot of communications with IP addresses that are servers hosting tons of known malware, somehow exploiting symantec's and digicert's certificate ocsp response as well as potentially Apple's or generating fake responses to crl checks, network IDS codes to prevent execution if it detects a debugger is running, scanning the local network for other connected devices, and other various suspicious NIDS codes, among other various indicators that I'd like to further confirm.

Is there anyway to tell why something was declared malware by McAfee and to have other versions of the program flagged as malware whose sha256 hash checksum has changed to avoid evasion?

1 Reply
Reliable Contributor catdaddy
Reliable Contributor
Report Inappropriate Content
Message 2 of 2

Re: Help identifying a malware program that's been marked as such by McAfee

@chasedaniel,

                     I will contact someone on your behalf at McAfee Labs. Of course you could follow these guidelines/instructions.  https://community.mcafee.com/t5/Malware/What-To-Do-When-McAfee-Detects-Software-As-An-Infection-How-...

Cliff
McAfee Volunteer

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community