JP Duvillard Posted October 1, 2020 Report Posted October 1, 2020 Enpass has been the recommended Password Manager in our company for a couple of years now so it's installed on a few Desktops and Mobile phones. Yesterday and today, some of our desktops have been flagged by Crowdstrike and the EnpassStartup.exe has been quarantined. Here are some of the reported data from Crowdstrike: ACTIONS TAKEN Process blocked, File quarantined SEVERITY Low OBJECTIVE Falcon Detection Method TACTIC & TECHNIQUE: Machine Learning via Cloud-based ML TECHNIQUE ID CST0008 SPECIFIC TO THIS DETECTION This file meets the File Analysis ML algorithm's low-confidence threshold for malware. TRIGGERING INDICATOR Associated IOC (SHA256) 60456913d5f80b7793b213c6ca47e801c781698d7a162727862b65523c9eacd9 GLOBAL PREVALENCE Common LOCAL PREVALENCE Common HASH PREVENTION ACTION None Associated File \??\C:\Program Files\WindowsApps\SinewSoftwareSystems.EnpassPasswordManager_6.50.700.0_x86__fwdy0m65qb6h2\EnpassStartup\EnpassStartup.exe COMMAND LINE "C:\Program Files\WindowsApps\SinewSoftwareSystems.EnpassPasswordManager_6.50.700.0_x86__fwdy0m65qb6h2\EnpassStartup\EnpassStartup.exe" FILE PATH \Device\HarddiskVolume2\Program Files\WindowsApps\SinewSoftwareSystems.EnpassPasswordManager_6.50.700.0_x86__fwdy0m65qb6h2\EnpassStartup\EnpassStartup.exe
Pratyush Sharma Posted October 1, 2020 Report Posted October 1, 2020 Hi @JP Duvillard, Welcome to the forums! We reported about this false positive to the CrowdStrike team and here's their reply: "Our team carefully analyzed your false positive request and determined that the file does not meet our detection criteria. The file will not be detected by our scanner. Thank you for helping us improve our product" The update regarding this will be released by them soon.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now