Hello,
My Sophos endpoint found the following threat:
Disrupt_2a (T1574.002) found in C:\XYplorer\XYplorer.exe
Per the Sophos KB:
"The "Disrupt" detections are related to our Adaptive Attack Protection. These typically indicate an active, hands-on attack within your environment. Please see the knowledgebase article at https://support.sophos.com/support/s/ar ... uage=en_US and take immediate action".
For now I've disabled Adaptive Attack Protection and set an exclusion for the C:\XYplorer folder.
Can you investigate this?
Thanks in advance.
Best regards
Davide
Sophos found threat
-
Horst
- Posts: 1374
- Joined: 24 Jan 2021 12:27
- Location: Germany
Re: Sophos found threat
What should the author investigate here?
It's normal behavior of all Anti-Virus tools to produce false positives.
They will learn over time and adapt the signatures.
As you already did, make an exception for XY.
Send your exe to VirusTotal and see what the detections are.
https://www.virustotal.com/gui/home/upload
These are the current results, which also include Sophos.
Windows 11 Home, Version 25H2 (OS Build 26200.8457)
Portable x64 XYplorer (Actual version, including betas)
Display settings 1920 x 1080 Scale 100%
Everything 1.5.0.1412b (x64), Everything Toolbar 2.3.0, Listary Pro 6.3.6.99
XYplorer Beta Club