This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

bspatch.exe SHA256: 32a4664e367a5c6bc7316d2213e60086d2813c21db3d407350e4aca61c1b16a1 - safe or not?

Can Sophos confirm if bspatch.exe SHA256:  32a4664e367a5c6bc7316d2213e60086d2813c21db3d407350e4aca61c1b16a1 can be trusted as SAFE or not?


A ML/PE-A detection for bspatch.exe that occurred upon running jre-8u202-windows-x64.exe or jre-8u202-windows-i586.exe that was downloaded direclty from Oracle Website:

www.oracle.com/.../jre8-downloads-2133155.html

 

Malware detected ML/PE-A

SHA 256: 32a4664e367a5c6bc7316d2213e60086d2813c21db3d407350e4aca61c1b16a1

Path: C:\ProgramData\Oracle\Java\installcache_x64\321318843.tmp\bspatch.exe

or

c:\programdata\oracle\java\installcache\3575031.tmp\bspatch.exe



This thread was automatically locked due to age.
Parents Reply
  • Hi  

    The initial file (SHA256: 32a4664e367a5c6bc7316d2213e60086d2813c21db3d407350e4aca61c1b16a1) that was reported in this thread was confirmed to be a False positive. Since it was a Machine Learning detection, the requiered changes from our end has be done.

    Please confirm if the detection is for the same file (please verify the hash value -KBA -128147) and also do make sure the clients are online to reach Sophos reputation cloud DB to fetch the changes made.

    Regards,

    Gowtham Mani
    Community Support Engineer | Sophos Technical Support

    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

Children
No Data