Welcome! Just a note on a publisher called Fileangels. The Fileangels download – setup.exe – was detected when I uploaded it to VirusTotal. Did you also find a download by Fileangels? Was it also detected when you uploaded it to VirusTotal?
This is how Fileangels appears when running the file:
By looking at the certificate we can see that Fileangels appears to be located in Kansas City, USA.
The reason I’m writing this blog post is that the Fileangels file is detected by some of the anti-malware scanners at VirusTotal. AVG detects setup.exe as AdPlugin.BNR, Fortinet detects it as W32/Zbot.AAN!tr, Kaspersky detects it as Trojan.Win32.Badur.jukw, Malwarebytes reports PUP.Optional.OptimunInstaller and McAfee detects it as IBryte-FRT. In addition, the Fileangels download was also promoted as a “Java Update”.
Did you also find a file digitally signed by Fileangels? Where did you find it and are the anti-virus programs detecting it? Please share in the comments below.
Thanks for reading.