this post was submitted on 04 Sep 2023
2 points (100.0% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

54539 readers
200 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others

Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):

💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 1 year ago
MODERATORS
db0@lemmy.dbzer0.com
sunbrothersco@lemmy.dbzer0.com
dataprolet@lemmy.dbzer0.com
Flatworm7591@lemmy.dbzer0.com
RandomLegend@lemmy.dbzer0.com
2
This file has 16 detections, is it safe to install it? (reddthat.com)
submitted 1 year ago* (last edited 1 year ago) by Aresff@reddthat.com to c/piracy@lemmy.dbzer0.com
7 comments fedilink hide all child comments
 

https://www.virustotal.com/gui/file/a64ef85085e7db98244dd2128b2674f02e7fd0dff3ba393525edeedcb5ad6044/detection

I downloaded it from androeed.ru, which is in the megathread. However, it has 16 detections, and it's labled trojan, and I never used androeed.ru before, so idk how trustable it is.

Still I'm tempted to install it since sandbox found no Network comms. But I'm new to piracy so I think I should ask here first.

Thanks for replying! Edit to provide a bit more info:

  1. This is a mod apk file for a paid game called sproggiwood, so I thought it would be normal to drop files like /libandroeedru.so, you know, to unlock game or something.

  2. The site androeed.ru is in the 2nd place in "Android Cracked/Modded App Markets & Repos" list, right after mobilism, so I thought it was a famous piracy site as well. (I'm new to piracy, so idk. Is it famous?)

  3. This file was uploaded to androeed at 2020, which means if it is indeed malicious, the site is unsafe since 2020, so it should be removed from megathread long time ago. Is the megathread that outdated?

  4. Trojan means it steals info via internet. And virustotal said it only contacted 5 domains: 1: clientservices.googleapis.com 2: connectivitycheck.gstatic.com 3: gmscompliance-pa.googleapis.com 4: gstatic.com 5: infinitedata-pa.googleapis.com Does this mean the detections are false positives or am I missing something?

I'm at a loss. Please help! Thank you very much.

top 7 comments
sorted by: hot top controversial new old
[–] glad_cat@lemmy.sdf.org 2 points 1 year ago (2 children)

A russian file labeled as a trojan? It must be perfectly safe. Or at least you’ll learn a valuable lesson.

[–] jet@hackertalks.com 1 points 1 year ago

This is clearly a trap. This hook is so shiny. Any idiot would know this. But I really want the bait! One bite won't hurt

[–] Aresff@reddthat.com 0 points 1 year ago (1 children)

Are russian files more likely to be malicious? I'm curious.

[–] glad_cat@lemmy.sdf.org 2 points 1 year ago

In the past (I.e. 90s to 2000), very yes. Nowadays I don’t know, but with the war and the spying stuff, I would still avoid such sources.

[–] thelonelyghost@infosec.pub 2 points 1 year ago* (last edited 1 year ago) (1 children)

This reads the same as "hi, my friend saw my {dating app} date's photo up at the post office with the note that they were wanted for the murder of 16 different {my demographic}. Should I still go on a date with them to that remote cabin in the woods?"

[–] phx@lemmy.ca 2 points 1 year ago

From a .RU site no less...

[–] Pulp@lemmy.dbzer0.com 1 points 1 year ago

Find another source