IP Port Scanners are grey-ware. You found it on a security site hosting it for use by security professionals.
They are tools that have legitimate uses but may be used maliciously. Thus they are grey area software and not really malware and may be classified as a PUP, Tool, Hacktool, etc.
If you had a downloader or a dropper that included an IP Port Scanner and you showed how it was being used maliciously in a particular process then that would be beneficial because you would be passing on that information of the tool being used in a particular technique.
Are you going to tell me those old archivers you posted about in late April were malware ?
Do you remember your posting the "WinRAR from 2008" and "7-Zip 4.65 from 2009" ?
How about those UPX compressed files ?
There is so much REAL malware out there; Ransom, Bobax, ZeroAccess, FakeAlert, TDSS family, Cridex, Exploit files/code pages, the various bots (Zbot, Rbot, Qakbot, GAObot, SDbot, etc). Cutwail, Mebroot, Bredolab, Hiloti, Randex, Harniq, Sinowal, etc, etc.
Post URLs to samples of the above and not grey-ware tools, false positives and at-best heuristics.
Topic: Honeypots forgotten Links... (Read 11847 times)
