Malware?
draxaris1010 opened this issue · 4 comments
Can you please explain this virustotal scan?
https://www.virustotal.com/gui/file/08433f306f479740712d186587598ba17c9c7ee78fe373361b242a8a7e006385/detection
Hm that's odd. I suspect that's due to upx which decreases the binary size. You can try building it yourself and you should be able to recreate the binary exactly if you use the same version of Rust. At any rate, if you downloaded the binary right here from GitHub, it should be safe.
I have downloaded it from github you can try it yourself.
I cross-compiled a build for Windows locally with the assumption that upx makes it more sus. Here are the results:
Pre-strip and pre-upx: https://www.virustotal.com/gui/file/ad5c6b052b126712952f564b6884351b16a7da52e8c37d61fe5e00f9ebee4346?nocache=1
Post-strip and post-upx: https://www.virustotal.com/gui/file-analysis/YzZhNzc0OWMzM2JlNzY4ZTZhNDY5MjU0Zjc0MDY4MGE6MTY5MzExNTU1Mg==
As you can see, upx clearly makes the binary more suspicious. The problem is known upstream:
I suppose part of the reason is that upx is likely used as part of cloaking/minimizing malware. I'm not really sure what I can do here about that at this point.
Sadly miniserve isn't currently reproducible but I'd like to get there.
At any rate, does this clear things up for you or not?
Yes.