Jump to content

My code is anomalous ?


NicoleFaye
 Share

Recommended Posts

Okay so i wrote this tiny bot, and i know bots are generally flagged by AV but im curious what calls are actually setting it off? I am using windows api calls for 2 hotkeys and im guessing thats whats causing it but i want to confirm for future projects. Another thing i suppose it could be is the use of keybd_event and mouse_event.

http://pinvoke.net/default.aspx/user32.keybd_event

 

 

Here is a link to the repo:

 

 

https://github.com/NicoleFaye/OilBot

 

Edited by AdvancedSetup
Disabled live hyperlink
Link to post
Share on other sites

  • Staff

Thanks for reporting, can you attached detected file and logs?

Quote

Also, If you are a developer, while building your application,  I suggest you exclude the working/building directory from detection via the exclusion settings in Malwarebytes. This since our Anomaly detection might possibly detect some of the files you are building.
Once the application/project is final and ready to be shared with others, in most cases it won't be detected anymore since it won't be triggered as "anomalous" anymore either.

In case a "final project" is still detected, please let us know (include the sample), so we can add it to our database of known good apps as well to prevent this in the future.

For more information, please read  MachineLearning/Anomalous Detections and Explanation.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.