VirusTotal detected VEXEFB5 in latest AC86U AC2900 firmwares

[Zonkd]

VirusTotal detected something called 'VEXEFB5.Webshell' in latest AC86U firmwares.

It's previously been detected in two other files in the past...

mac-card-data-recovery-trial.zip | https://www.virustotal.com/en/file/...1aef1ed9a2155c9/analysis/1470230980/detection

php5ts.dll | http://www.herdprotect.com/php5ts.dll-4270c2b7ed55db3e4005e21a4caf3b0223d74de9.aspx

Heres the firmware results:

RT-AC68U_384.5_0.zip | RT-AC86U_384.5_0_cferom_ubi.w| https://www.virustotal.com/#/file/a...33ec97352632a3c41d51e49d23db33c1d89/detection

RT-AC86U_384.5_beta2.zip | RT-AC86U_384.5_beta2_cferom_ubi.w | https://www.virustotal.com/#/file/3...280f185da255932c73330333bd8e89a81d4/detection

59 other engines found nothing... confirmed false positive?

 

[Zonkd]

So does anyone know if it is real malware?

 

[Hawk]

So does anyone know if it is real malware?

No, there is no malware in firmware of Asus Rt-ac86u or any other firmware, result speak for themselves only one av detected it and majority of them say it is clean, including major vendors.

 

[RMerlin]

Those antivirus are designed to scan x86 code. Firmware images are ARM or MIPS code, therefore there's nothing for them to analyze there. This is a false positive.