Re: streetsidesoftware.code-spell-checker-2.0.2 - Marked as Malicious

jbates5873 · ‎09-01-2021

Hello Cisco team.

the following file has been marked as malicious. Am yet to open a TAC case. We believe that it may be a false positive. The most recent commit was pushed to Github at

01/09/2021, 23:32:19

https://marketplace.visualstudio.com/items?itemName=streetsidesoftware.code-spell-checker&ssr=false#overview

https://github.com/streetsidesoftware/vscode-spell-checker

Detection W32.22AD355DDB-95.SBX.TG

Fingerprint (SHA-256) 22ad355ddb4692c52f69d0f3ff9c709629f1a247bb360b7c650fbe908f666a77

File Name streetsidesoftware.code-spell-checker-2.0.2

File Size 1.99 MB

Parent Filename Code Helper (Renderer)

Severity Medium

Cheers

Ken Stieers · ‎09-01-2021

Here's what I did for the one last night:

1. Make sure it got uploaded to ThreatGrid. (Fetch and Submit for Analysis in the Amp console)
2. Then open a file reputation dispute ticket at Talosintelligence.com.
3. Open a TAC case.

jesutorr@cisco.com · ‎09-01-2021

Hi,

The file has been marked as Clean by the diagnostic team, file won't be detected by Secure Endpoint (AMP) anymore.

SHA256: 22ad355ddb4692c52f69d0f3ff9c709629f1a247bb360b7c650fbe908f666a7

SHA-1: 63e1a06e65426f049953d14ab04e64ed856051d8
MD5: 8880dcc1a5d531ec64069c170f21545f

Virus Total Analysis

Detections: 0/58
ClamAV: Not Detected
TETRA: Not Detected
Sophos: Not Detected
McAfee: Not Detected
File Name: f_0000a6
File Size: 2,037 KB

AMP Cloud

Disposition: Clean

I hope this information helps

Cheers,