Jump to content

False positive detection (obfuscated file)


Joth

Recommended Posts

Hello, 

I have a .exe file that I am 99% sure is safe, however, it is obfuscated and I would like to decompile it for that extra 1% of confidence knowing that it's definitely nothing malicious. The file is an auto clicker and as mentioned is obfuscated to protect its code and prevent others from stealing it & repurposing it for malicious purposes. 

The file also uses a HWID login, so only registered users can use the auto clicker - I paid an access fee to become registered. The virustotal scan doesn't look promising, but again, coming from virustotal alone doesn't mean a whole lot and in addition it's also analysing an obfuscated file which is bound to make false positive detections.

I also want to point out that malwarebytes doesn't actually detect the file as anything suspicious, neither does hitmanpro or kaspersky. In fact, none of my subscription programs detected it as potentially harmful until I ran a scheduled ESET security scan last night which instantly detected the file - also want to mention that I ran daily scheduled scans on ESET, none of which detected it as anything potentially harmful up until the one last night.

Virustotal scan results: https://www.virustotal.com/gui/file/09430fa20aac3815ba456f4644f41b41073d4994e538797c172c10a19f825b35?nocache=1

The file itself was made by a private group & is not linked to any website - made by people well known within the community where an autoclicker would be used, they also have a bunch of other "cheats" for other games and have been operating for quite a few years without any issues.

Thank you very much for your help everyone!

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.