Safe
Text configuration file with zero malicious detections across 61 antivirus engines, including 16 tier-1 vendors; no external threat intelligence hits.
7d258c923efe430e3d…691f935511The verdict, reasoned out.
Not a rules engine. The MT AI Engine reads every signal we collected, weighs them against history, and commits to an answer.
The file exhibits a clean profile across all detection channels. Sixteen tier-1 antivirus engines remain silent, indicating no signature or heuristic match for known malware families. The file's small size (462 bytes), text format, and .cfg extension are consistent with a benign configuration file. No adversarial input patterns were detected in the filename or metadata. The rare_new prevalence classification is expected for newly submitted configuration files and does not contradict the strong clean consensus. The absence of external intelligence hits (CIRCL, MalwareBazaar, YARAify) and the lack of any triggered heuristics further support a benign classification.
Each signal cites a concrete token from the evidence the arbiter saw — engine name, MITRE technique, signer string, or an exact count.
tier1Malicious=0; 16 tier-1 engines (Avast, BitDefender, Kaspersky, Microsoft, ESET-NOD32, Fortinet, GData, F-Secure, Emsisoft, DrWeb, Avira, AVG, Ikarus-failure, others) all undetected or silent
engines.malicious=0/61 reporting; onlyLowTrustFlagging=false (no low-trust detections present)
File is unsigned, 462 bytes, text-type .cfg; no PE analysis, no signer history, no brand mismatch
No external intel hits: CIRCL.hit=false, MalwareBazaar.hit=false, YARAify.ruleCount=0
No behaviour data, no dropped children, no malicious host contacts, no triggered heuristics
- 16 tier-1 antivirus engines (Microsoft, Kaspersky, BitDefender, ESET-NOD32, Fortinet, GData, F-Secure, Emsisoft, DrWeb, Avira, AVG, Avast, and others) all undetected
- Zero malicious detections across 61 reporting engines
- No external threat intelligence hits (CIRCL, MalwareBazaar, YARAify)
- No triggered heuristics, no adversarial input flags
- Text-format .cfg file with no PE structures or executable code
This file is safe. No action is required. If you need to verify its legitimacy, confirm it came from the expected application or vendor.
0 detections across 75 engines
How often this file shows up in the wild
Barely seen in the wild and first surfaced recently. This is the footprint of targeted malware the AV industry hasn't signatured yet — extra scrutiny is warranted.
Forensic fingerprint
- File name
- MegaDragon.cfg
- Size
- 462 B
- MIME type
- application/octet-stream
- Detected type
- Text
- SHA-256
- 7d258c923efe430e3da8615c80b5570359929dbe724520225a5357691f935511
- MD5
- aec4100d356c1e10ad9ce338f78c9bf5
- SHA-1
- 58d2aece35f3a5e324364ffffbdb9f9dcdcf145d
- First seen (VT)
- 6/29/2026, 6:39:53 AM
- Last analysis (VT)
- 6/29/2026, 6:39:53 AM
- First scan (MalwareTips)
- 6/29/2026, 6:41:07 AM
- Last scan (MalwareTips)
- 6/29/2026, 6:42:24 AM
Reviews & malware reports(0)
Tell the community what you saw. Tag the sample — Trojan, Adware, False Positive — and share what the file did on your system. Your report helps confirm or dispute the AV verdict.