I have had this issue with the downloaded files associated with several download links being misidentified. A specific example is: the results for the dropbox installer link, identifies the downloaded as “Wild Adventure - Client 1.8.exe “, but once I download the file and uploaded it back to virus total it is properly(?) identified as “DropboxInstaller.exe” . The SHA256’s are different. Any ideas? Details are below. I used “VTzilla 1.5.1- signed” and “VirusTotal Uploader 2.02- beta”, but I can replicated the issue using bowser based virus total on firefox 40.0.2 .
===Download link I scanned:
https://dl-web.dropbox.com/installer?juno=True
(not sure how VTzilla gets this, it gives me a 404 when I try to visit)
--Scan:
===The downloaded file analysis identified the download as:
Wild Adventure - Client 1.8.exe
--SHA256:
6d95f4e9908662fce1f120b5cdfb671981ea6d2156449e3f15ab82ed3202f66d
--Scan:
===“TRUE” file identity from uploading via “send to virus total” after downloading
DropboxInstaller.exe
--SHA256:
db5a2722281f86a5b42a3fc4dc9f944595822965957b0213fdd50ec74b81af5d
--Scan: