
False negative or false positive?

I have a honeypot PC. I recently received a spam email with a link leading to a .exe file download. Sophos Intercept X did not detect any malware. When I uploaded the file to virustotal.com, some endpoints detected it as Trojan.GenericKD.67254445 (BitDefender, GData, F-Secure). I sent the file to Sophos:

"The file doesn’t seems to be not detect worthy. The detection showing on the file by other vendors are Generic only."

Why do some endpoints detect it as a Trojan and Sophos doesn't?

SHA1: 8e91d78f1b23b691b4d0f22907418e27b6213af6

Thanks


