I have a honeypot PC. I recently received a spam email with a link leading to a .exe file download. Sophos Intercept X did not detect any malware. When I uploaded the file to virustotal.com, some endpoints detected it as Trojan.GenericKD.67254445 (BitDefender, GData, F-Secure). I sent the file to Sophos:
"The file doesn’t seems to be not detect worthy. The detection showing on the file by other vendors are Generic only."
Why do some endpoints detect it as a Trojan and Sophos doesn't?