Safe
New unsigned utility flagged by zero tier-1 engines; 16 major antivirus products report clean; no malicious indicators detected.
585570621aafc58399…819af4e1fdThe verdict, reasoned out.
Not a rules engine. The MT AI Engine reads every signal we collected, weighs them against history, and commits to an answer.
The sample is a newly submitted unsigned file claiming to be an FPS (frames-per-second) performance optimizer. All 16 tier-1 antivirus engines report it undetected or harmless, with zero malicious detections across the entire 60-engine reporting set. No heuristics fired, no sandbox malicious verdicts exist, and external intelligence sources (CIRCL, MalwareBazaar, YARAify) returned no hits. The filename does not match security-software or research-tool patterns, and no brand mismatch was detected. While the file's newness (0 days, 1 submission) and unsigned status warrant caution, the unanimous tier-1 consensus strongly indicates a benign utility.
Each signal cites a concrete token from the evidence the arbiter saw — engine name, MITRE technique, signer string, or an exact count.
tier1ReportedClean=16 engines (Kaspersky, Microsoft, BitDefender, ESET-NOD32, Fortinet, Avast, AVG, Avira, DrWeb, Emsisoft, F-Secure, GData, Ikarus failure) — no tier-1 malicious consensus
engines.malicious=0/60 reporting; tier1Malicious=0 — zero detections across all trust tiers
prevalence.classification='rare_new' (1 submission, 0 days) — new file, not yet widely distributed, consistent with benign utility
No external intel hits: externalIntel.circl.hit=false, malwareBazaar.hit=false, yaraify.ruleCount=0 — no researcher corroboration of malice
behaviour=null, droppedChildren=null, contactedHosts=null — no sandbox or runtime malicious indicators available or observed
- 16 tier-1 antivirus engines report clean (Kaspersky, Microsoft, BitDefender, ESET-NOD32, Fortinet, Avast, AVG, Avira, DrWeb, Emsisoft, F-Secure, GData, Ikarus, and others)
- Zero malicious detections across all 60 reporting engines
- No external intelligence hits (CIRCL, MalwareBazaar, YARAify)
- No malicious sandbox verdicts, dropped children, or contacted hosts
- No triggered heuristics or brand mismatch
This file appears safe to use based on tier-1 antivirus consensus and absence of malicious indicators. Verify the source before installation and monitor system performance to confirm the claimed FPS improvement.
0 detections across 74 engines
How often this file shows up in the wild
Barely seen in the wild and first surfaced recently. This is the footprint of targeted malware the AV industry hasn't signatured yet — extra scrutiny is warranted.
Forensic fingerprint
- File name
- fps improver v2
- Size
- 48.5 KB
- MIME type
- (unknown)
- Detected type
- C
- SHA-256
- 585570621aafc58399a4a030bfb6bb0e05f3e12dbeb91921df1054819af4e1fd
- MD5
- c65c258934b2b5b6d7007140d21931cf
- SHA-1
- 47e231f1d5b88b3675f333bee939c40382d64c9f
- First seen (VT)
- 6/18/2026, 3:47:34 AM
- Last analysis (VT)
- 6/18/2026, 3:47:34 AM
- First scan (MalwareTips)
- 6/18/2026, 3:55:15 AM
- Last scan (MalwareTips)
- 6/18/2026, 3:55:15 AM
Reviews & malware reports(0)
Tell the community what you saw. Tag the sample — Trojan, Adware, False Positive — and share what the file did on your system. Your report helps confirm or dispute the AV verdict.