site virustotal claims that there is a signature for a possible attack inside the DLL.

Question

site virustotal claims that there is a signature for a possible attack inside the DLL.

Maxim-MDProjects opened this issue a year ago · 1 comments

You did a great job, your library is magically fast. You have a lot of interesting works in the repository.
But there is one point that confuses, site virustotal claims that there is a signature for a possible attack inside the DLL.
Could you post the source code of the DLL or fix the potential threat?
Below is the text from virustotal sites:

Matches rule Suspicious Call by Ordinal by Florian Roth at Sigma Integrated Rule Set (GitHub) Detects suspicious calls of DLLs in rundll32.dll exports by ordinal
Matches rule Powershell Create Scheduled Task by frack113 at Sigma Integrated Rule Set (GitHub) Adversaries may abuse the Windows Task Scheduler to perform task scheduling for initial or recurring execution of malicious code
Matches rule Failed Code Integrity Checks by Thomas Patzke at Sigma Integrated Rule Set (GitHub) Code integrity failures may indicate tampered executables.

Thank you

Answer 1 · 2023-06-22T10:48:12.000Z

No More False +ve