Safe
ZIP archive with zero malicious detections across 65 engines including all tier-1 vendors; no sandbox or external threat signals.
b771cff094bebf43d4…e07c4cdc3aThe verdict, reasoned out.
Not a rules engine. The MT AI Engine reads every signal we collected, weighs them against history, and commits to an answer.
The file presents a clean profile across all high-trust detection engines. Zero malicious detections among 65 reporting engines, with tier-1 vendors unanimously reporting undetected status, indicates the archive is not recognized as a known threat. The absence of sandbox execution data is expected for ZIP files, which do not execute directly. No external intelligence sources (CIRCL, MalwareBazaar, YARAify) corroborate any threat. The rare_new prevalence classification reflects limited submission history rather than suspicious behaviour. Unsigned status and lack of signer history are typical for legitimate portable-application archives.
Each signal cites a concrete token from the evidence the arbiter saw — engine name, MITRE technique, signer string, or an exact count.
engines.tier1Malicious=0; 12 tier-1 engines (Avast, BitDefender, Kaspersky, Microsoft, ESET-NOD32, Fortinet, others) all undetected
engines.malicious=0 across all 65 reporting engines; no malicious labels present
prevalence.classification=rare_new (2 submitters); no prior reputation history
signing.verified=false; unsigned file with no signer history to establish trust
externalIntel: CIRCL=false, MalwareBazaar=false, YARAify.ruleCount=0; no external corroboration of threat
- All 12 tier-1 antivirus engines report undetected/clean
- Zero malicious detections across 65 reporting engines
- No external threat intelligence corroboration (CIRCL, MalwareBazaar, YARAify all negative)
- No sandbox malicious behaviour recorded
- No adversarial input flags in filename or metadata
This file is safe to use based on comprehensive antivirus scanning and absence of malicious behaviour signals. If you extracted the archive and encounter unexpected behaviour, re-submit the extracted files for analysis.
0 detections across 75 engines
How often this file shows up in the wild
Barely seen in the wild and first surfaced recently. This is the footprint of targeted malware the AV industry hasn't signatured yet — extra scrutiny is warranted.
Forensic fingerprint
- File name
- PigPack.zip
- Size
- 2.09 MB
- MIME type
- application/x-zip-compressed
- Detected type
- ZIP
- SHA-256
- b771cff094bebf43d4dba4c1d9ce8e10715f0a69d45b8afcd05107e07c4cdc3a
- MD5
- 3f3219613350925d04a6255efaeab4fa
- SHA-1
- 011e31820972dc2e1b82f1afd52bdb8ffe8c506a
- First seen (VT)
- 6/9/2026, 1:07:09 AM
- Last analysis (VT)
- 6/9/2026, 1:07:09 AM
- First scan (MalwareTips)
- 6/9/2026, 1:08:06 AM
- Last scan (MalwareTips)
- 6/9/2026, 1:39:51 AM
Reviews & malware reports(0)
Tell the community what you saw. Tag the sample — Trojan, Adware, False Positive — and share what the file did on your system. Your report helps confirm or dispute the AV verdict.