Safe
ZIP archive with zero malicious detections across 65 antivirus engines, including 17 tier-1 vendors; no sandbox or external intel corroboration of threats.
c8b4cd1612482a34eb…281d4c63e9The verdict, reasoned out.
Not a rules engine. The MT AI Engine reads every signal we collected, weighs them against history, and commits to an answer.
The file is a benign ZIP archive with unanimous clean verdicts from our antivirus network. Seventeen tier-1 engines—among the most reliable malware detectors—all report no detection. The absence of any malicious label, sandbox verdict, or external intelligence corroboration (CIRCL, MalwareBazaar, YARAify all negative) strongly indicates the file is safe. The rare_new prevalence classification reflects only that this specific archive is newly submitted; it does not contradict the clean consensus. No heuristic rules fired, and no adversarial filename patterns were detected.
Each signal cites a concrete token from the evidence the arbiter saw — engine name, MITRE technique, signer string, or an exact count.
tier1Malicious=0; 17 tier-1 engines (Kaspersky, Microsoft, BitDefender, ESET-NOD32, Avira, Fortinet, F-Secure, Emsisoft, Ikarus, GData, DrWeb, Avast, AVG) all undetected
engines.reporting=65/75; malicious=0, suspicious=0, undetected=64 — unanimous clean across all reporting engines
prevalence.classification=rare_new (1 submitter, 1 submission) — new file but no malicious signals to justify concern
No sandbox behaviour data, no dropped children, no contacted hosts, no external intel hits (CIRCL, MalwareBazaar, YARAify all false)
adversarialInputFlags all false; triggeredHeuristics empty; no brand mismatch — no adversarial or heuristic red flags
- 17 tier-1 antivirus engines all undetected (Kaspersky, Microsoft, BitDefender, ESET-NOD32, Avira, Fortinet, F-Secure, Emsisoft, Ikarus, GData, DrWeb, Avast, AVG)
- 65/75 total engines reporting; 0 malicious, 0 suspicious, 64 undetected
- No external intelligence hits (CIRCL, MalwareBazaar, YARAify all negative)
- No sandbox malicious verdict, no dropped children, no malicious contacted hosts
- No adversarial filename patterns or hidden characters detected
This file is safe. No further action is needed. If you wish to inspect the contents of the ZIP archive, extract and scan individual files, but the archive itself presents no detected threat.
0 detections across 75 engines
How often this file shows up in the wild
Barely seen in the wild and first surfaced recently. This is the footprint of targeted malware the AV industry hasn't signatured yet — extra scrutiny is warranted.
Forensic fingerprint
- File name
- checker (2) (2).zip
- Size
- 6.7 KB
- MIME type
- application/x-zip-compressed
- Detected type
- ZIP
- SHA-256
- c8b4cd1612482a34eb0f8b37926654e72b7bd6f02a745f2c5d43c4281d4c63e9
- MD5
- f384e95e6eef7d2a37e458b578e42020
- SHA-1
- b7d4cc6e094bf8417d3fdfd13f89a0cd1b71e9cd
- First seen (VT)
- 6/28/2026, 10:25:20 AM
- Last analysis (VT)
- 6/28/2026, 10:25:20 AM
- First scan (MalwareTips)
- 6/28/2026, 10:26:26 AM
- Last scan (MalwareTips)
- 6/28/2026, 10:26:26 AM
Reviews & malware reports(0)
Tell the community what you saw. Tag the sample — Trojan, Adware, False Positive — and share what the file did on your system. Your report helps confirm or dispute the AV verdict.