I have been messing with these Payload Dumper execution files and have found them to be malicious, non-false positive. I have a highly secure position at a chemical company and our computer security apparatus has been dialed up a notch, rightly so. I had previously found these executables to be quite handy, but when messing with them today, after having not used them in a while, I found them to have some suspicious behavior. My computer has recently undergone some upgrades in the security department and I'd like to share with the community what I have found. I'm sure many of you use these on a regular basis. I am posting the results from two popular locations from which these files are received.
The 1st: https://github.com/ssut/payload-dumper-go/releases (payload-dumper-go.exe)
Result: https://www.virustotal.com/gui/file...87757940e9eed41428a9388dc05b25f04d7/detection
The 2nd: https://mega.nz/folder/vU00FZDa#PIEfjl5w5wonyNAwHW3FBQ (payload-dumper.exe)
Result: https://www.virustotal.com/gui/file...cd8a7dd5067bd1384b074b121da5bc244bb/detection
I can't share what the anti-virus program on my computer came up with as it has some proprietary information sprinkled throughout, but it's along the same lines as what is discussed on the links I shared. For example, in both instances the registry of the computer being used is being altered in ways that are absolutely meant for disingenuous motives.
I highly suggest if you have been using these, you remove them and scrub your machine.
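The post above looks the files up on VirusTotal by hash. A practitioner reading it would want to do the same check locally before running any such download: compute the SHA-256 of the binary actually on disk, compare it with the digest the publisher lists for that release, and look the digest up on VirusTotal instead of uploading the file. The following is an added example written for this thread; it is not the poster's tooling and not code from the payload-dumper-go project. It assumes the publisher ships a `sha256sum`-style checksum list (the thread does not say the projects above do), and the VirusTotal URL layout is taken from the links in the post. The sample bytes and checksum lines are constructed for the demo.

```python
import hashlib
import os
import tempfile

# URL shape used by the VirusTotal links in the post: /gui/file/<sha256>/detection
VT_FILE_URL = "https://www.virustotal.com/gui/file/{sha256}/detection"


def sha256_of_file(path, chunk_size=1 << 20):
    """Stream the file so large release binaries do not have to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def parse_checksums(text):
    """Parse sha256sum-style lines ('<hex>  <filename>') into {filename: hex}.

    Lines that do not carry a 64-hex-character digest are ignored, and the
    '*' binary-mode marker some tools prepend to the filename is stripped.
    """
    out = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 2 and len(parts[0]) == 64:
            out[parts[1].lstrip("*")] = parts[0].lower()
    return out


def verify_download(path, checksums):
    """Compare the on-disk digest with the published one and build the VT lookup URL.

    'matches' is False both when the digests differ and when the publisher
    lists no digest for this filename, so an absent entry is never a pass.
    """
    name = os.path.basename(path)
    actual = sha256_of_file(path)
    expected = checksums.get(name)
    return {
        "file": name,
        "sha256": actual,
        "expected": expected,
        "matches": expected is not None and actual == expected,
        "virustotal_url": VT_FILE_URL.format(sha256=actual),
    }


def demo():
    """Run the check on a constructed sample file against a good and a bad checksum list."""
    # Constructed stand-in for a downloaded binary; not a real payload-dumper build.
    sample = b"MZ\x90\x00 constructed sample bytes, not a real executable\n"
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "payload-dumper-go.exe")
        with open(path, "wb") as f:
            f.write(sample)
        # Constructed checksum lists: one that matches the bytes, one that does not.
        good = parse_checksums(
            f"{hashlib.sha256(sample).hexdigest()}  payload-dumper-go.exe\n"
        )
        tampered = parse_checksums("0" * 64 + "  *payload-dumper-go.exe\n")
        return verify_download(path, good), verify_download(path, tampered)


if __name__ == "__main__":
    ok, bad = demo()
    print("published digest matches:", ok["matches"], ok["virustotal_url"])
    print("tampered list matches:   ", bad["matches"])
```

Looking the digest up rather than uploading the binary also avoids handing a possibly internal artifact to a third party, which matters in the kind of environment the post describes.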