Virustotal - FBI Cooperation

Mark Steward marksteward at
Sun Oct 21 15:42:23 PDT 2018

Are you saying you can't share it because it was only on VT, and you don't
have the original any more?


On Sun, 21 Oct 2018, 19:06 Ryan Carboni, <ryacko at> wrote:

> I have obtained a file that I believe is government malware. It hashes
> to D7161581BAAA04FC2E515BF724CC2CC17C2520A3574717D53A8F9D638E3D30F, and is
> signed by Microsoft.
> This should be the appropriate link:
> However when trying to archive the link, the link comes up as 404.
> <> I have a photograph of
> the virustotal scan, while I believe I am pwned, the government is well
> aware of the first amendment concerns of altering photographs in a person’s
> possession as opposed to merely suppressing scans or whatever balancing
> test they hide away from us. I could upload the screenshots, but I’m using
> a different computer right now and I’m a bit on edge from all this.
> It is not inconceivable that the FBI and virustotal are cooperating with
> known file hashes and are suppressing them from public view, especially
> given that virustotal gives access to uploaded files to major cyber
> security and antivirus firms.
> I would like to know the process in which these irregularities occur, and
> whether or not there are consequences for misuse of valid activities for
> corrupt ends and what checks are there on it.
> Maybe the relevant civil liberties concerns could investigate.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 2178 bytes
Desc: not available
URL: <>

More information about the cypherpunks mailing list