Jump to content

My software triggers a false positive detection


interflexo

Recommended Posts

False positive detection on www.virustotal.com

AVG/Avast: Win32:PWSX-gen [Trj]

https://www.virustotal.com/gui/file/482f73529365c3b71241972637033ece68c7c940a523a07411275433d018cef9?nocache=1

Python program (KP184.exe) created to implement a serial Modbus connection with a Kunkin KP184 electronic load compiled with pyinstaller.
Version: 1.0.56.0
SHA-256 482f73529365c3b71241972637033ece68c7c940a523a07411275433d018cef9

PyInstaller: 6.0
Python: 3.8.10
Platform: Windows 10 Pro 21H2

KP184.7z

Link to post
Share on other sites

  • 4 weeks later...

Same software new release:

False positive detection on www.virustotal.com

Malwarebytes: Malware.AI.3911842025

https://www.virustotal.com/gui/file/471975d050c8c88242a9ac25949bb1d3ff889c178b81dbbacd89f14fec9e855c?nocache=1

Python program (KP184.exe) created to implement a serial Modbus connection with a Kunkin KP184 electronic load compiled with pyinstaller.
Version: 1.0.58.0
SHA-256 471975d050c8c88242a9ac25949bb1d3ff889c178b81dbbacd89f14fec9e855c

PyInstaller: 6.1.0
Python: 3.8.10
Platform: Windows 10 Pro 21H2

Download link for sample: https://www.interflexo.com//kp184//V58//KP184.exe

KP184.7z

Link to post
Share on other sites

  • 2 months later...

Same software new release:

False positive detection on www.virustotal.com

Malwarebytes: Malware.AI.1327261116

https://www.virustotal.com/gui/file/63c4a0d5df5bbea19649b14bf1544f9f856510eb7b743fc7e8fd98d8325dab80?nocache=1

Python program (KP184.exe) created to implement a serial Modbus connection with a Kunkin KP184 electronic load compiled with pyinstaller.
Version: 1.0.63.0
SHA-256 63c4a0d5df5bbea19649b14bf1544f9f856510eb7b743fc7e8fd98d8325dab80

PyInstaller: 6.3.0
Python: 3.8.10
Platform: Windows 10 Pro 21H2

Download link for sample: https://www.interflexo.com//kp184//V63//KP184.exe

Link to post
Share on other sites

Same software new release:

False positive detection on www.virustotal.com

Malwarebytes: Malware.AI.1327261116

https://www.virustotal.com/gui/file/c858b894f42006deb2e3b8d3e542a273ad6cbd13ef1f53c7a8fd39fc63ebdb23?nocache=1

Python program (KP184.exe) created to implement a serial Modbus connection with a Kunkin KP184 electronic load compiled with pyinstaller.
Version: 1.0.64.0
SHA-256 c858b894f42006deb2e3b8d3e542a273ad6cbd13ef1f53c7a8fd39fc63ebdb2363c4a0d5df5bbea19649b14bf1544f9f856510eb7b743fc7e8fd98d8325dab80

PyInstaller: 6.4.0
Python: 3.8.10
Platform: Windows 10 Pro 21H2

KP184.zip

Link to post
Share on other sites

  • Staff

Hi,

I'm sorry your software was triggered again. I'll whitelist this so future versions won't be detected either.

Edited to add, I couldn't reproduce detection locally though as this has been fixed a few days ago already (retraining on the sample). Virustotal probably didn't receive our latest database build or results are cached there.

Edited by miekiemoes
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.