You do know how AV engines check a file, don't you?
Mostly 2 steps:
1) Check whether this file is known already
2) Runtime analysis.
AVs are weak. They never find malware if it is coded properly.
Just because 2/70 AVs regard that as malware, that's neither an argument that it is malware, nor that it isn't malware.
This just means it is not known yet and that it doesn't raise too many red flags (e.g. like encrypting system folder).
The results I posted are from a proper analysis with detailed reports, not from simple AV scans.
I honestly don't understand how they can't check the IP the software is connecting to. This IP is related to several other illegal (hacking-) activities. Just one additional argument that AVs are extremely weak and only useful for very well-known malware.
Yes.