Notepad++ 7.2.1 Detected as W32.670B0FC09E.ab2 in Cisco Sourcefire AMP
-
Hello!
It looks like since the release of 7.2.1, Sourcefire AMP is detecting Notepad++ as W32.670B0FC09E.ab2
It also looks like it sets off a few more alarms in other anti-virus programs as well
7.2.1:
https://www.virustotal.com/en/file/670b0fc09e835e91ee66ece0db20d337d73c22d598e21e3d209c75ed87e858f3/analysis/1479852361/
7.2:
https://www.virustotal.com/en/file/3283d667aba040858163c58c0c83b6487ce7db88f6265af022d4ee954bc3bdb2/analysis/1479852416/I can put it in our whitelist, but I thought I would mention this in case something can be done about this, or if anyone else finds the same thing!
-
Yes, we are running into this same issue as well.