ContinuumIO / anaconda-issues

Anaconda issue tracking

Malware in pngfix.exe #12830

Open lonbinder opened 2 years ago

lonbinder commented 2 years ago

Actual Behavior

MalwareBytes detected "Malware.AI.3463014742" in ANACONDA3\LIBRARY\BIN\PNGFIX.EXE. Details were: 1000000, 0, 1.0.50861, F89F1ECEE04D3A7BCE696956, dds, 01633564, 98E5A217253BDAA7FFBE4D9EB051F95A, B0D51843324F2872D2A7E7FF74FE53908ADC769BB05F75AF1C95B5462A72DED6

That malware name is autogenerated by Malware, per this page: https://blog.malwarebytes.com/detections/malware-ai/

Expected Behavior

No Malware

Steps to Reproduce

1. Install Anaconda
2. Run MalwareBytes scan

Anaconda or Miniconda version:

4.11.0

Operating System:

OS: Windows 11 (Build 22000.434) CPU: x64

conda info
```
PASTE OUTPUT HERE:
     active environment : None
       user config file : C:\Users\lonbi\.condarc
 populated config files :
          conda version : 4.11.0
    conda-build version : 3.21.6
         python version : 3.9.7.final.0
       virtual packages : __win=0=0
                          __archspec=1=x86_64
       base environment : C:\ProgramData\Anaconda3  (read only)
      conda av data dir : C:\ProgramData\Anaconda3\etc\conda
  conda av metadata url : None
           channel URLs : https://repo.anaconda.com/pkgs/main/win-64
                          https://repo.anaconda.com/pkgs/main/noarch
                          https://repo.anaconda.com/pkgs/r/win-64
                          https://repo.anaconda.com/pkgs/r/noarch
                          https://repo.anaconda.com/pkgs/msys2/win-64
                          https://repo.anaconda.com/pkgs/msys2/noarch
          package cache : C:\ProgramData\Anaconda3\pkgs
                          C:\Users\lonbi\.conda\pkgs
                          C:\Users\lonbi\AppData\Local\conda\conda\pkgs
       envs directories : C:\Users\lonbi\.conda\envs
                          C:\ProgramData\Anaconda3\envs
                          C:\Users\lonbi\AppData\Local\conda\conda\envs
               platform : win-64
             user-agent : conda/4.11.0 requests/2.26.0 CPython/3.9.7 Windows/10 Windows/10.0.22000
          administrator : False
             netrc file : None
           offline mode : False
```
conda list --show-channel-urls
``` PASTE OUTPUT HERE: # packages in environment at C:\ProgramData\Anaconda3: # # Name Version Build Channel _ipyw_jlab_nb_ext_conf 0.1.0 py39haa95532_0 defaults alabaster 0.7.12 pyhd3eb1b0_0 defaults anaconda 2021.11 py39_0 defaults anaconda-client 1.9.0 py39haa95532_0 defaults anaconda-navigator 2.1.1 py39_0 defaults anaconda-project 0.10.1 pyhd3eb1b0_0 defaults anyio 2.2.0 py39haa95532_2 defaults appdirs 1.4.4 pyhd3eb1b0_0 defaults argh 0.26.2 py39haa95532_0 defaults argon2-cffi 20.1.0 py39h2bbff1b_1 defaults arrow 0.13.1 py39haa95532_0 defaults asn1crypto 1.4.0 py_0 defaults astroid 2.6.6 py39haa95532_0 defaults astropy 4.3.1 py39hc7d831d_0 defaults async_generator 1.10 pyhd3eb1b0_0 defaults atomicwrites 1.4.0 py_0 defaults attrs 21.2.0 pyhd3eb1b0_0 defaults autopep8 1.5.7 pyhd3eb1b0_0 defaults babel 2.9.1 pyhd3eb1b0_0 defaults backcall 0.2.0 pyhd3eb1b0_0 defaults backports 1.0 pyhd3eb1b0_2 defaults backports.functools_lru_cache 1.6.4 pyhd3eb1b0_0 defaults backports.shutil_get_terminal_size 1.0.0 pyhd3eb1b0_3 defaults backports.tempfile 1.0 pyhd3eb1b0_1 defaults backports.weakref 1.0.post1 py_1 defaults bcrypt 3.2.0 py39h196d8e1_0 defaults beautifulsoup4 4.10.0 pyh06a4308_0 defaults binaryornot 0.4.4 pyhd3eb1b0_1 defaults bitarray 2.3.0 py39h2bbff1b_1 defaults bkcharts 0.2 py39haa95532_0 defaults black 19.10b0 py_0 defaults blas 1.0 mkl defaults bleach 4.0.0 pyhd3eb1b0_0 defaults blosc 1.21.0 h19a0ad4_0 defaults bokeh 2.4.1 py39haa95532_0 defaults boto 2.49.0 py39haa95532_0 defaults bottleneck 1.3.2 py39h7cc1a96_1 defaults brotli 1.0.9 ha925a31_2 defaults brotlipy 0.7.0 py39h2bbff1b_1003 defaults bzip2 1.0.8 he774522_0 defaults ca-certificates 2021.10.26 haa95532_2 defaults cached-property 1.5.2 py_0 defaults certifi 2021.10.8 py39haa95532_0 defaults cffi 1.14.6 py39h2bbff1b_0 defaults cfitsio 3.470 he774522_6 defaults chardet 4.0.0 py39haa95532_1003 defaults charls 2.2.0 h6c2663c_0 defaults charset-normalizer 2.0.4 pyhd3eb1b0_0 defaults click 8.0.3 
pyhd3eb1b0_0 defaults cloudpickle 2.0.0 pyhd3eb1b0_0 defaults clyent 1.2.2 py39haa95532_1 defaults colorama 0.4.4 pyhd3eb1b0_0 defaults comtypes 1.1.10 py39haa95532_1002 defaults conda 4.11.0 py39hcbf5309_0 conda-forge conda-build 3.21.6 py39haa95532_0 defaults conda-content-trust 0.1.1 pyhd3eb1b0_0 defaults conda-env 2.6.0 1 defaults conda-pack 0.6.0 pyhd3eb1b0_0 defaults conda-package-handling 1.7.3 py39h8cc25b3_1 defaults conda-repo-cli 1.0.4 pyhd3eb1b0_0 defaults conda-token 0.3.0 pyhd3eb1b0_0 defaults conda-verify 3.4.2 py_1 defaults console_shortcut 0.1.1 4 defaults contextlib2 0.6.0.post1 pyhd3eb1b0_0 defaults cookiecutter 1.7.2 pyhd3eb1b0_0 defaults cryptography 3.4.8 py39h71e12ea_0 defaults curl 7.78.0 h86230a5_0 defaults cycler 0.10.0 py39haa95532_0 defaults cython 0.29.24 py39h604cdb4_0 defaults cytoolz 0.11.0 py39h2bbff1b_0 defaults daal4py 2021.3.0 py39h757b272_0 defaults dal 2021.3.0 haa95532_564 defaults dask 2021.10.0 pyhd3eb1b0_0 defaults dask-core 2021.10.0 pyhd3eb1b0_0 defaults dataclasses 0.8 pyh6d0b6a4_7 defaults debugpy 1.4.1 py39hd77b12b_0 defaults decorator 5.1.0 pyhd3eb1b0_0 defaults defusedxml 0.7.1 pyhd3eb1b0_0 defaults diff-match-patch 20200713 pyhd3eb1b0_0 defaults distributed 2021.10.0 py39haa95532_0 defaults docutils 0.17.1 py39haa95532_1 defaults entrypoints 0.3 py39haa95532_0 defaults et_xmlfile 1.1.0 py39haa95532_0 defaults fastcache 1.1.0 py39h196d8e1_0 defaults filelock 3.3.1 pyhd3eb1b0_1 defaults flake8 3.9.2 pyhd3eb1b0_0 defaults flask 1.1.2 pyhd3eb1b0_0 defaults fonttools 4.25.0 pyhd3eb1b0_0 defaults freeglut 3.2.1 h0e60522_2 conda-forge freetype 2.10.4 hd328e21_0 defaults fsspec 2021.10.1 pyhd3eb1b0_0 defaults future 0.18.2 py39haa95532_1 defaults get_terminal_size 1.0.0 h38e98db_0 defaults gevent 21.8.0 py39h2bbff1b_1 defaults giflib 5.2.1 h62dcd97_0 defaults glob2 0.7 pyhd3eb1b0_0 defaults greenlet 1.1.1 py39hd77b12b_0 defaults h5py 3.2.1 py39h3de5c98_0 defaults hdf5 1.10.6 h7ebc959_0 defaults heapdict 1.0.1 pyhd3eb1b0_0 
defaults html5lib 1.1 pyhd3eb1b0_0 defaults icc_rt 2019.0.0 h0cc432a_1 defaults icu 58.2 ha925a31_3 defaults idna 3.2 pyhd3eb1b0_0 defaults imagecodecs 2021.8.26 py39ha1f97ea_0 defaults imageio 2.9.0 pyhd3eb1b0_0 defaults imagesize 1.2.0 pyhd3eb1b0_0 defaults importlib-metadata 4.8.1 py39haa95532_0 defaults importlib_metadata 4.8.1 hd3eb1b0_0 defaults inflection 0.5.1 py39haa95532_0 defaults iniconfig 1.1.1 pyhd3eb1b0_0 defaults intel-openmp 2021.4.0 haa95532_3556 defaults intervaltree 3.1.0 pyhd3eb1b0_0 defaults ipykernel 6.4.1 py39haa95532_1 defaults ipython 7.29.0 py39hd4e2768_0 defaults ipython_genutils 0.2.0 pyhd3eb1b0_1 defaults ipywidgets 7.6.5 pyhd3eb1b0_1 defaults isort 5.9.3 pyhd3eb1b0_0 defaults itsdangerous 2.0.1 pyhd3eb1b0_0 defaults jdcal 1.4.1 pyhd3eb1b0_0 defaults jedi 0.18.0 py39haa95532_1 defaults jinja2 2.11.3 pyhd3eb1b0_0 defaults jinja2-time 0.2.0 pyhd3eb1b0_2 defaults joblib 1.1.0 pyhd3eb1b0_0 defaults jpeg 9d h2bbff1b_0 defaults json5 0.9.6 pyhd3eb1b0_0 defaults jsonschema 3.2.0 pyhd3eb1b0_2 defaults jupyter 1.0.0 py39haa95532_7 defaults jupyter_client 6.1.12 pyhd3eb1b0_0 defaults jupyter_console 6.4.0 pyhd3eb1b0_0 defaults jupyter_core 4.8.1 py39haa95532_0 defaults jupyter_server 1.4.1 py39haa95532_0 defaults jupyterlab 3.2.1 pyhd3eb1b0_1 defaults jupyterlab_pygments 0.1.2 py_0 defaults jupyterlab_server 2.8.2 pyhd3eb1b0_0 defaults jupyterlab_widgets 1.0.0 pyhd3eb1b0_1 defaults keyring 23.1.0 py39haa95532_0 defaults kiwisolver 1.3.1 py39hd77b12b_0 defaults krb5 1.19.2 h5b6d351_0 defaults lazy-object-proxy 1.6.0 py39h2bbff1b_0 defaults lcms2 2.12 h83e58a3_0 defaults lerc 3.0 hd77b12b_0 defaults libaec 1.0.4 h33f27b4_1 defaults libarchive 3.4.2 h5e25573_0 defaults libcurl 7.78.0 h86230a5_0 defaults libdeflate 1.8 h2bbff1b_5 defaults libiconv 1.15 h1df5818_7 defaults liblief 0.10.1 hd77b12b_1 defaults libpng 1.6.37 h2a8f88b_0 defaults libspatialindex 1.9.3 h6c2663c_0 defaults libssh2 1.9.0 h7a1dbc1_1 defaults libtiff 4.2.0 hd0e1b90_0 defaults 
libwebp 1.2.0 h2bbff1b_0 defaults libxml2 2.9.12 h0ad7f3c_0 defaults libxslt 1.1.34 he774522_0 defaults libzopfli 1.0.3 ha925a31_0 defaults llvmlite 0.37.0 py39h23ce68f_1 defaults locket 0.2.1 py39haa95532_1 defaults lxml 4.6.3 py39h9b66d53_0 defaults lz4-c 1.9.3 h2bbff1b_1 defaults lzo 2.10 he774522_2 defaults m2w64-gcc-libgfortran 5.3.0 6 defaults m2w64-gcc-libs 5.3.0 7 defaults m2w64-gcc-libs-core 5.3.0 7 defaults m2w64-gmp 6.1.0 2 defaults m2w64-libwinpthread-git 5.0.0.4634.697f757 2 defaults markupsafe 1.1.1 py39h2bbff1b_0 defaults matplotlib 3.4.3 py39haa95532_0 defaults matplotlib-base 3.4.3 py39h49ac443_0 defaults matplotlib-inline 0.1.2 pyhd3eb1b0_2 defaults mccabe 0.6.1 py39haa95532_1 defaults menuinst 1.4.18 py39h59b6b97_0 defaults mistune 0.8.4 py39h2bbff1b_1000 defaults mkl 2021.4.0 haa95532_640 defaults mkl-service 2.4.0 py39h2bbff1b_0 defaults mkl_fft 1.3.1 py39h277e83a_0 defaults mkl_random 1.2.2 py39hf11a4ad_0 defaults mock 4.0.3 pyhd3eb1b0_0 defaults more-itertools 8.10.0 pyhd3eb1b0_0 defaults mpmath 1.2.1 py39haa95532_0 defaults msgpack-python 1.0.2 py39h59b6b97_1 defaults msys2-conda-epoch 20160418 1 defaults multipledispatch 0.6.0 py39haa95532_0 defaults munkres 1.1.4 py_0 defaults mypy_extensions 0.4.3 py39haa95532_0 defaults navigator-updater 0.2.1 py39haa95532_0 defaults nbclassic 0.2.6 pyhd3eb1b0_0 defaults nbclient 0.5.3 pyhd3eb1b0_0 defaults nbconvert 6.1.0 py39haa95532_0 defaults nbformat 5.1.3 pyhd3eb1b0_0 defaults nest-asyncio 1.5.1 pyhd3eb1b0_0 defaults networkx 2.6.3 pyhd3eb1b0_0 defaults nltk 3.6.5 pyhd3eb1b0_0 defaults nose 1.3.7 pyhd3eb1b0_1006 defaults notebook 6.4.5 py39haa95532_0 defaults numba 0.54.1 py39hf11a4ad_0 defaults numexpr 2.7.3 py39hb80d3ca_1 defaults numpy 1.20.3 py39ha4e8547_0 defaults numpy-base 1.20.3 py39hc2deb75_0 defaults numpydoc 1.1.0 pyhd3eb1b0_1 defaults olefile 0.46 pyhd3eb1b0_0 defaults openjpeg 2.4.0 h4fc8c34_0 defaults openpyxl 3.0.9 pyhd3eb1b0_0 defaults openssl 1.1.1l h2bbff1b_0 defaults packaging 
21.0 pyhd3eb1b0_0 defaults pandas 1.3.4 py39h6214cd6_0 defaults pandocfilters 1.4.3 py39haa95532_1 defaults paramiko 2.7.2 py_0 defaults parso 0.8.2 pyhd3eb1b0_0 defaults partd 1.2.0 pyhd3eb1b0_0 defaults path 16.0.0 py39haa95532_0 defaults path.py 12.5.0 hd3eb1b0_0 defaults pathlib2 2.3.6 py39haa95532_2 defaults pathspec 0.7.0 py_0 defaults patsy 0.5.2 py39haa95532_0 defaults pep8 1.7.1 py39haa95532_0 defaults pexpect 4.8.0 pyhd3eb1b0_3 defaults pickleshare 0.7.5 pyhd3eb1b0_1003 defaults pillow 8.4.0 py39hd45dc43_0 defaults pip 21.2.4 py39haa95532_0 defaults pkginfo 1.7.1 py39haa95532_0 defaults pluggy 0.13.1 py39haa95532_0 defaults ply 3.11 py39haa95532_0 defaults powershell_shortcut 0.0.1 3 defaults poyo 0.5.0 pyhd3eb1b0_0 defaults prometheus_client 0.11.0 pyhd3eb1b0_0 defaults prompt-toolkit 3.0.20 pyhd3eb1b0_0 defaults prompt_toolkit 3.0.20 hd3eb1b0_0 defaults psutil 5.8.0 py39h2bbff1b_1 defaults ptyprocess 0.7.0 pyhd3eb1b0_2 defaults py 1.10.0 pyhd3eb1b0_0 defaults py-lief 0.10.1 py39hd77b12b_1 defaults pycodestyle 2.7.0 pyhd3eb1b0_0 defaults pycosat 0.6.3 py39h2bbff1b_0 defaults pycparser 2.20 py_2 defaults pycurl 7.44.1 py39hcd4344a_1 defaults pydocstyle 6.1.1 pyhd3eb1b0_0 defaults pyerfa 2.0.0 py39h2bbff1b_0 defaults pyflakes 2.3.1 pyhd3eb1b0_0 defaults pygame 2.1.2 pypi_0 pypi pygments 2.10.0 pyhd3eb1b0_0 defaults pyjwt 2.1.0 py39haa95532_0 defaults pylint 2.9.6 py39haa95532_1 defaults pyls-spyder 0.4.0 pyhd3eb1b0_0 defaults pynacl 1.4.0 py39hbd8134f_1 defaults pyodbc 4.0.31 py39hd77b12b_0 defaults pyopengl 3.1.5 pypi_0 pypi pyopenssl 21.0.0 pyhd3eb1b0_1 defaults pyparsing 3.0.4 pyhd3eb1b0_0 defaults pyqt 5.9.2 py39hd77b12b_6 defaults pyreadline 2.1 py39haa95532_1 defaults pyrsistent 0.18.0 py39h196d8e1_0 defaults pysocks 1.7.1 py39haa95532_0 defaults pytables 3.6.1 py39h56d22b6_1 defaults pytest 6.2.4 py39haa95532_2 defaults python 3.9.7 h6244533_1 defaults python-dateutil 2.8.2 pyhd3eb1b0_0 defaults python-libarchive-c 2.9 pyhd3eb1b0_1 defaults 
python-lsp-black 1.0.0 pyhd3eb1b0_0 defaults python-lsp-jsonrpc 1.0.0 pyhd3eb1b0_0 defaults python-lsp-server 1.2.4 pyhd3eb1b0_0 defaults python-slugify 5.0.2 pyhd3eb1b0_0 defaults python_abi 3.9 2_cp39 conda-forge pytz 2021.3 pyhd3eb1b0_0 defaults pywavelets 1.1.1 py39h080aedc_4 defaults pywin32 228 py39he774522_0 defaults pywin32-ctypes 0.2.0 py39haa95532_1000 defaults pywinpty 0.5.7 py39haa95532_0 defaults pyyaml 6.0 py39h2bbff1b_1 defaults pyzmq 22.2.1 py39hd77b12b_1 defaults qdarkstyle 3.0.2 pyhd3eb1b0_0 defaults qstylizer 0.1.10 pyhd3eb1b0_0 defaults qt 5.9.7 vc14h73c81de_0 defaults qtawesome 1.0.2 pyhd3eb1b0_0 defaults qtconsole 5.1.1 pyhd3eb1b0_0 defaults qtpy 1.10.0 pyhd3eb1b0_0 defaults regex 2021.8.3 py39h2bbff1b_0 defaults requests 2.26.0 pyhd3eb1b0_0 defaults rope 0.19.0 pyhd3eb1b0_0 defaults rtree 0.9.7 py39h2eaa2aa_1 defaults ruamel_yaml 0.15.100 py39h2bbff1b_0 defaults scikit-image 0.18.3 py39hf11a4ad_0 defaults scikit-learn 0.24.2 py39hf11a4ad_1 defaults scikit-learn-intelex 2021.3.0 py39haa95532_0 defaults scipy 1.7.1 py39hbe87c03_2 defaults seaborn 0.11.2 pyhd3eb1b0_0 defaults send2trash 1.8.0 pyhd3eb1b0_1 defaults setuptools 58.0.4 py39haa95532_0 defaults simplegeneric 0.8.1 py39haa95532_2 defaults singledispatch 3.7.0 pyhd3eb1b0_1001 defaults sip 4.19.13 py39hd77b12b_0 defaults six 1.16.0 pyhd3eb1b0_0 defaults snappy 1.1.8 h33f27b4_0 defaults sniffio 1.2.0 py39haa95532_1 defaults snowballstemmer 2.1.0 pyhd3eb1b0_0 defaults sortedcollections 2.1.0 pyhd3eb1b0_0 defaults sortedcontainers 2.4.0 pyhd3eb1b0_0 defaults soupsieve 2.2.1 pyhd3eb1b0_0 defaults sphinx 4.2.0 pyhd3eb1b0_1 defaults sphinxcontrib 1.0 py39haa95532_1 defaults sphinxcontrib-applehelp 1.0.2 pyhd3eb1b0_0 defaults sphinxcontrib-devhelp 1.0.2 pyhd3eb1b0_0 defaults sphinxcontrib-htmlhelp 2.0.0 pyhd3eb1b0_0 defaults sphinxcontrib-jsmath 1.0.1 pyhd3eb1b0_0 defaults sphinxcontrib-qthelp 1.0.3 pyhd3eb1b0_0 defaults sphinxcontrib-serializinghtml 1.1.5 pyhd3eb1b0_0 defaults 
sphinxcontrib-websupport 1.2.4 py_0 defaults spyder 5.1.5 py39haa95532_1 defaults spyder-kernels 2.1.3 py39haa95532_0 defaults sqlalchemy 1.4.22 py39h2bbff1b_0 defaults sqlite 3.36.0 h2bbff1b_0 defaults statsmodels 0.12.2 py39h2bbff1b_0 defaults sympy 1.9 py39haa95532_0 defaults tbb 2021.4.0 h59b6b97_0 defaults tbb4py 2021.4.0 py39h59b6b97_0 defaults tblib 1.7.0 pyhd3eb1b0_0 defaults terminado 0.9.4 py39haa95532_0 defaults testpath 0.5.0 pyhd3eb1b0_0 defaults text-unidecode 1.3 pyhd3eb1b0_0 defaults textdistance 4.2.1 pyhd3eb1b0_0 defaults threadpoolctl 2.2.0 pyh0d69192_0 defaults three-merge 0.1.1 pyhd3eb1b0_0 defaults tifffile 2021.7.2 pyhd3eb1b0_2 defaults tinycss 0.4 pyhd3eb1b0_1002 defaults tk 8.6.11 h2bbff1b_0 defaults toml 0.10.2 pyhd3eb1b0_0 defaults toolz 0.11.1 pyhd3eb1b0_0 defaults tornado 6.1 py39h2bbff1b_0 defaults tqdm 4.62.3 pyhd3eb1b0_1 defaults traitlets 5.1.0 pyhd3eb1b0_0 defaults typed-ast 1.4.3 py39h2bbff1b_1 defaults typing_extensions 3.10.0.2 pyh06a4308_0 defaults tzdata 2021e hda174b7_0 defaults ujson 4.0.2 py39hd77b12b_0 defaults unicodecsv 0.14.1 py39haa95532_0 defaults unidecode 1.2.0 pyhd3eb1b0_0 defaults urllib3 1.26.7 pyhd3eb1b0_0 defaults vc 14.2 h21ff451_1 defaults vs2015_runtime 14.27.29016 h5e58377_2 defaults watchdog 2.1.3 py39haa95532_0 defaults wcwidth 0.2.5 pyhd3eb1b0_0 defaults webencodings 0.5.1 py39haa95532_1 defaults werkzeug 2.0.2 pyhd3eb1b0_0 defaults wheel 0.37.0 pyhd3eb1b0_1 defaults whichcraft 0.6.1 pyhd3eb1b0_0 defaults widgetsnbextension 3.5.1 py39haa95532_0 defaults win_inet_pton 1.1.0 py39haa95532_0 defaults win_unicode_console 0.5 py39haa95532_0 defaults wincertstore 0.2 py39haa95532_2 defaults winpty 0.4.3 4 defaults wrapt 1.12.1 py39h196d8e1_1 defaults xlrd 2.0.1 pyhd3eb1b0_0 defaults xlsxwriter 3.0.1 pyhd3eb1b0_0 defaults xlwings 0.24.9 py39haa95532_0 defaults xlwt 1.3.0 py39haa95532_0 defaults xmltodict 0.12.0 pyhd3eb1b0_0 defaults xz 5.2.5 h62dcd97_0 defaults yaml 0.2.5 he774522_0 defaults yapf 0.31.0 
pyhd3eb1b0_0 defaults zfp 0.5.5 hd77b12b_6 defaults zict 2.0.0 pyhd3eb1b0_0 defaults zipp 3.6.0 pyhd3eb1b0_0 defaults zlib 1.2.11 h62dcd97_4 defaults zope 1.0 py39haa95532_1 defaults zope.event 4.5.0 py39haa95532_0 defaults zope.interface 5.4.0 py39h2bbff1b_0 defaults zstd 1.4.9 h19a0ad4_0 defaults ```
remkade commented 2 years ago

Thanks for the report, we will be investigating this right away.

Is there any more information from Malware Bytes as to what malware it thinks this is?

dbast commented 2 years ago

This seems to be the package from above list/version that contains pngfix.exe: https://anaconda.org/anaconda/libpng/1.6.37/download/win-64/libpng-1.6.37-h2a8f88b_0.tar.bz2

chenghlee commented 2 years ago

Can you please report the SHA256 checksum of the suspicious binary? In PowerShell, `Get-FileHash -Algorithm SHA256 ANACONDA3\LIBRARY\BIN\PNGFIX.EXE`.

lonbinder commented 2 years ago

Unfortunately, all that Malware Bytes provides is above. I did some web research and couldn't find anything more on this auto-generated name, which likely means it's not popular/frequent. Also, from that research, there are a few posts indicating that MB's AI-generated malware signatures have false positives. It's possible this is a false positive.

lonbinder commented 2 years ago

> Can you please report the SHA256 checksum of the suspicious binary? In PowerShell, `Get-FileHash -Algorithm SHA256 ANACONDA3\LIBRARY\BIN\PNGFIX.EXE`.

B0D51843324F2872D2A7E7FF74FE53908ADC769BB05F75AF1C95B5462A72DED6

dbast commented 2 years ago

That file is indeed in the above mentioned package (command works on macOS):

```
wget -qO- https://anaconda.org/anaconda/libpng/1.6.37/download/win-64/libpng-1.6.37-h2a8f88b_0.tar.bz2 | tar -xOf - Library/bin/pngfix.exe | shasum -a 256
```

The output `b0d51843324f2872d2a7e7ff74fe53908adc769bb05f75af1c95b5462a72ded6` matches the provided sha256.

dbast commented 2 years ago

Uploading that file libpng-1.6.37-h2a8f88b_0.tar.bz2 to virustotal.com gives it a score of 0/57 (=nothing found by 57 different virus/malware scanners), see https://www.virustotal.com/gui/file/20a69e29fe0c6d9d333d23c9566078e4afabcdef631a28125bfcf76743a8a9f7
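
The provenance check carried out in this thread (hash the flagged file, hash the same member inside the published package, compare) can be scripted as below. This is an added example, not code from the thread or from Anaconda; the function names are hypothetical and the archive is a small constructed stand-in built in memory, not the real libpng package.

```python
import hashlib
import io
import tarfile
from pathlib import PureWindowsPath

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def package_member(installed_path: str, prefix: str) -> str:
    """Map a scanner-reported Windows path to the member name used inside the package."""
    return PureWindowsPath(installed_path).relative_to(PureWindowsPath(prefix)).as_posix()

def member_sha256(package: bytes, member: str) -> str:
    """Hash one file inside a .tar.bz2 package without unpacking anything to disk."""
    with tarfile.open(fileobj=io.BytesIO(package), mode="r:bz2") as tar:
        for info in tar:
            # Scanner reports are often upper-cased, so match names case-insensitively.
            if info.isfile() and info.name.lower() == member.lower():
                return sha256_hex(tar.extractfile(info).read())
    raise KeyError(f"{member} not found in package")

def check_report(package: bytes, installed_path: str, prefix: str, reported: str) -> dict:
    """Compare a reported digest with the packaged file; also return the archive digest."""
    inner = member_sha256(package, package_member(installed_path, prefix))
    # Get-FileHash prints upper-case hex, shasum lower-case: normalise before comparing.
    matches = inner == reported.strip().lower()
    return {"archive_sha256": sha256_hex(package), "member_sha256": inner, "member_matches": matches}

def build_sample_package(files: dict) -> bytes:
    """Constructed stand-in for a conda package (not the real libpng archive)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:bz2") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()

SAMPLE_EXE = b"MZ constructed sample bytes, not the real pngfix.exe"
SAMPLE_PACKAGE = build_sample_package({
    "info/index.json": b'{"name": "sample"}',
    "Library/bin/pngfix.exe": SAMPLE_EXE,
})

if __name__ == "__main__":
    reported = sha256_hex(SAMPLE_EXE).upper()  # as Get-FileHash would print it
    result = check_report(SAMPLE_PACKAGE, r"ANACONDA3\LIBRARY\BIN\PNGFIX.EXE", "ANACONDA3", reported)
    for key, value in result.items():
        print(f"{key}: {value}")
```

`archive_sha256` identifies the package file itself and always differs from `member_sha256`, so a lookup keyed on one digest says nothing about the other.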