MD5 value for threats detected on Mac devices is always all zeroes

  • 6 April 2018
  • 2 replies
  • 39 views

I used terminal via LiveConnect to check the file using "openssl MD5 [filename]" and got an accurate value then cross-referenced with virusttotal.com which determined it was clean.
 
Are there plans to update whatever command is being used to detect MD5 values on Mac files?

2 replies

Userlevel 7
Badge +36
@ wrote:
I used terminal via LiveConnect to check the file using "openssl MD5 [filename]" and got an accurate value then cross-referenced with virusttotal.com which determined it was clean.
 
Are there plans to update whatever command is being used to detect MD5 values on Mac files?
The reason you're seeing a value of zeroes means that it's a string detection, it is not indicative of anything other than that. The detection is not based on the hash of the file, it's based on the content of the binary.
@ thanks for the clarification!

Reply