Neo23x0/Loki

False positive

Stratoco opened this issue · 0 comments

[ALERT] FILE: C:\Program Files\OpenSSL-Win64\tests\recipes\61-test_bio_prefix_data\in1.txt SCORE: 100 TYPE: UNKNOWN SIZE: 4 FIRST_BYTES: 666f6f0a / <filter object at 0x01554400> MD5: d3b07384d113edec49eaa6238ad5ff00 SHA1: f1d2d2f924e986ac86fdf7b36c94bcdf32beec15 SHA256: b5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c CREATED: Sun Dec 25 03:48:04 2022 MODIFIED: Tue Nov 1 11:14:38 2022 ACCESSED: Sun Dec 25 22:06:18 2022 REASON_1: Malware Hash TYPE: SHA1 HASH: f1d2d2f924e986ac86fdf7b36c94bcdf32beec15 SUBSCORE: 100 DESC: The Gameover Zeus Operation https://www.blackhat.com/docs/us-15/materials/us-15-Peterson-GameOver-Zeus-Badgu

File is just a text file containing the text "foo" that is part of the windows-openSSL package. Appears to be a common false positive hash (per your own comments): https://gist.github.com/Neo23x0/fd9af35c5061578025d00838c215dfe4?permalink_comment_id=2754361

Interestingly enough, I did not get an alert on file "out1.txt" in the same folder which contains the same FOO foo text.
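An added triage example (not part of the original report and not Loki's own code): because SIZE equals the length of FIRST_BYTES, the whole file can be rebuilt from the alert line and re-hashed, which shows that the flagged SHA1 is simply the hash of the four bytes `foo\n`. The `VARIANTS` list is constructed for illustration and makes no claim about the actual bytes in `out1.txt`.

```python
import hashlib
import re

# Fields copied from the alert in the report above (path shortened to the file name).
ALERT = (
    "[ALERT] FILE: in1.txt SCORE: 100 TYPE: UNKNOWN SIZE: 4 "
    "FIRST_BYTES: 666f6f0a / <filter object at 0x01554400> "
    "MD5: d3b07384d113edec49eaa6238ad5ff00 "
    "SHA1: f1d2d2f924e986ac86fdf7b36c94bcdf32beec15 "
    "SHA256: b5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c "
    "REASON_1: Malware Hash TYPE: SHA1 "
    "HASH: f1d2d2f924e986ac86fdf7b36c94bcdf32beec15 SUBSCORE: 100"
)
ALGOS = ("md5", "sha1", "sha256")


def digests(data):
    """Hex digests of data for every algorithm the alert line reports."""
    return {a: hashlib.new(a, data).hexdigest() for a in ALGOS}


def triage(line):
    """Rebuild the file from FIRST_BYTES when it covers SIZE, then re-hash it."""
    size = int(re.search(r"\bSIZE: (\d+)", line).group(1))
    first = bytes.fromhex(re.search(r"\bFIRST_BYTES: ([0-9a-f]+)", line).group(1))
    reported = {m.group(1).lower(): m.group(2)
                for m in re.finditer(r"\b(MD5|SHA1|SHA256): ([0-9a-f]+)", line)}
    ioc = re.search(r"\bHASH: ([0-9a-f]+)", line).group(1)
    if len(first) != size:
        # Preview is truncated: the content cannot be judged from the log alone.
        return {"content": None, "consistent": None, "ioc_is_content_hash": None}
    mine = digests(first)
    return {
        "content": first,                        # complete file content
        "consistent": mine == reported,          # logged hashes agree with the preview
        "ioc_is_content_hash": ioc in mine.values(),
    }


# Constructed near-identical contents: a hash IOC matches exact bytes only.
VARIANTS = [b"foo", b"foo\r\n", b"FOO foo\n"]


def variants_hit(ioc_sha1):
    """Return the constructed variants whose SHA1 equals the IOC hash."""
    return [v for v in VARIANTS if hashlib.sha1(v).hexdigest() == ioc_sha1]


if __name__ == "__main__":
    print(triage(ALERT))
    print(variants_hit("f1d2d2f924e986ac86fdf7b36c94bcdf32beec15"))
```

A hash IOC that resolves to a few bytes of trivial text is a candidate for the scanner's hash exclusion list rather than evidence of compromise.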