detection icon indicating copy to clipboard operation
detection copied to clipboard
verified publisher icon ditekshen

False Positive

Open krypt0x opened this issue 3 years ago • 1 comments

Hi there, some AV software using your ruleset is wrongly reporting our wallet as a Trojan/Virus.

Could you please assist?

https://github.com/ConcealNetwork/conceal-desktop

https://www.virustotal.com/gui/file/65aa9266c675e9e9ed55d4eb315a7a27804c24329c6ed7c908c504403317b12d

Thank you

krypt0x avatar May 23 '22 14:05 krypt0x

I cannot be responsible of how "AV software" use the rules. Can you specify which rule is causing the false positive? Can you provide a file or hash to test with?

ditekshen avatar Sep 27 '22 16:09 ditekshen

Crowdsourced YARA rules Matches rule INDICATOR_SUSPICIOUS_EXE_RawGitHub_URL by ditekSHen from ruleset indicator_suspicious at https://github.com/ditekshen/detection Detects executables containing URLs to raw contents of a Github gist

https://www.virustotal.com/gui/file/65aa9266c675e9e9ed55d4eb315a7a27804c24329c6ed7c908c504403317b12d/details

krypt0x avatar Aug 02 '23 15:08 krypt0x

I cannot be responsible of how "AV software" use the rules. Can you specify which rule is causing the false positive? Can you provide a file or hash to test with?

I got it now. Thanks

krypt0x avatar Aug 02 '23 15:08 krypt0x