False Positive Submission

[Everade]

The sample is in the password protected zip file:
http://37.61.202.134/false/GatheringRO-Patcher.zip

The password for the rar file is:
infected

SHA256: 2d8fc70dbcb38c2f1985d7fdda2b1734aaee5ae131c4382ba53730d53a4ee981

We're running a MMORPG game with the name Gathering Ragnarok Online.
The game is online since over 12 years during which time we've always been using the same patcher system.

Now we're released a new version of the patcher which is currently being falsely detected and with that put into quarantine.

We can't understand why this is even happening.
There's no hidden virus, trojan or anything related to a bad software.
The only thing that changed with this latest relase was the IP Adress the patcher does connect to, because we've moved our server hardware.

The file isn't infected nor did we hide anything.

This patcher is part of our game installer which can be officialy downloaded from our website:
https://gatheringro.ch/?module=client

The patcher system we're using is from here:
http://thor.aeomin.net/

Version 2.6.4.13b

We're awaiting your response.

Sincerely
GatheringRO

[CJ166]

Hello,

Please report on the form https://www.pandasecurity.com/usa/homeu ... 494377380/

and to support@pandasecurity.com