Virus Total scan
Thomas Schweikle
tschweikle@bfs.de
Tue Aug 22 14:59:57 GMT 2023
It is the address of one of the distribution servers. Since this is not
"one server", but a cluster of servers, your "suspicious" server shows
only one thing: those "suspicious" flags are suspicious by themselves:
this particular server ist down since some time and only reports back a
broken html page telling "<h2>Our services aren't available right
now</h2><p>We're working to restore all services as soon as possible.
Please check back
soon.</p>06cvkZAAAAAA8FvmXFYIOTZ2TS15AJl0/RFVTMzBFREdFMDkxNwBFZGdl"
If this is enough to get flagged as "suspicious" ...
Am Di., 22.Aug..2023 um 16:12:51 schrieb Dom Woods - BGS via Cygwin:
> Hi Cygwin,
>
> I scanned your application through Virus Total as per our company policy and noticed that the installation process calls out to a suspicious Microsoft IP 13.107.4.50, this ip has been flagged by 8 vendors as malicious, I get varying responses for what it is used for (an os updater or a file distributer) and wanted to ask what does Cygwin use it for? I can't seem to contact it with nslookup or ping it and Virus Total says that it gives a 'status 400' results so it might not be in use anymore anyway but just wanted to check.
>
> Here is your Virus Total graph results: https://www.virustotal.com/graph/6bad4555154b3b348d1bfb633a2e9d6086aa46e36952f456a434ecef5b0010e0
> Here is the scan of the IP address' results: https://www.virustotal.com/gui/url/3397a00da1c5aa448611892c12d38fee37fcd60321720a6e242cb0167e381901/detection
>
>
> Kind regards,
> Dom woods
>
>
>
>
> This email and any attachments are intended solely for the use of the named recipients. If you are not the intended recipient you must not use, disclose, copy or distribute this email or any of its attachments and should notify the sender immediately and delete this email from your system. UK Research and Innovation (UKRI) has taken every reasonable precaution to minimise risk of this email or any attachments containing viruses or malware but the recipient should carry out its own virus and malware checks before opening the attachments. UKRI does not accept any liability for any losses or damages which the recipient may sustain due to presence of any viruses.
>
>
--
Mit freundlichen Grüssen
*i. A. Thomas Schweikle*
Endgeräte und Servicedesk | Devices and Servicedesk
—
Bundesamt für Strahlenschutz | Federal Office for Radiation Protection
Informationstechnik | Information Technology | DO 3
Ingolstädter Landstrasse 1
85764 Oberschleißheim
Tel.: +49 30 18333-2594
E-Mail: tschweikle@bfs.de <mailto:tschweikle@bfs.de>
Wenn möglich signieren und verschlüsseln Sie ihre Mail mit
GnuPG oder einem äquivalenten Produkt. Der öffentliche
Schlüssel für die Verschlüsselung ist angehängt (*.asc-Datei).
—
🌐 Besuchen <https://www.bfs.de/> Sie unsere Website und abonnieren
<https://www.bfs.de/strahlenschutzaktuell> Sie unseren 📢 Newsletter
<https://www.bfs.de/strahlenschutzaktuell>.
🔒 Informationen zum Datenschutz <https://www.bfs.de/datenschutz> gemäß
Artikel 13 DSGVO
💚 E-Mail drucken? Lieber die Umwelt schonen!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x27AE2304B4974851.asc
Type: application/pgp-keys
Size: 2480 bytes
Desc: OpenPGP public key
URL: <https://cygwin.com/pipermail/cygwin/attachments/20230822/3ad480ca/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 321 bytes
Desc: OpenPGP digital signature
URL: <https://cygwin.com/pipermail/cygwin/attachments/20230822/3ad480ca/attachment-0001.sig>
More information about the Cygwin
mailing list