Opened 7 months ago

Last modified 7 months ago

#65130 assigned defect

x86_64-w64-mingw32-gcc: Binaries created are reported as trojans

Reported by: czkoko (Andy KoKo) Owned by: mojca (Mojca Miklavec)
Priority: High Milestone:
Component: ports Version: 2.7.2
Keywords: Cc:
Port: x86_64-w64-mingw32-gcc

Description (last modified by czkoko (Andy KoKo))

build a hello world with x86_64-w64-mingw32-gcc 11.3, virustotal report it's a Trojan,11.2 is fine.

ClamAV Win.Trojan.Bulz-9949382-0

Cybereason Malicious.a5bf3a

Cynet Malicious (score: 100)

Elastic Malicious (moderate Confidence)

Microsoft Trojan:Win32/Wacatac.B!ml

Change History (4)

comment:1 Changed 7 months ago by czkoko (Andy KoKo)

Description: modified (diff)

comment:2 Changed 7 months ago by czkoko (Andy KoKo)

Description: modified (diff)

comment:3 Changed 7 months ago by ryandesign (Ryan Schmidt)

Owner: set to mojca
Status: newassigned
Summary: Report Trojanx86_64-w64-mingw32-gcc: Binaries created are reported as trojans

It may be a false positive. If you can determine whether it is or not, let us know.

comment:4 Changed 7 months ago by ryandesign (Ryan Schmidt)

mingw32 has been the subject of false positives before; see https://security.stackexchange.com/questions/229576/program-compiled-with-mingw32-is-reported-as-infected.

It happens to other languages too, like nim, perhaps related to the fact that nim was compiled with gcc; see https://www.mail-archive.com/nim-general@lists.nim-lang.org/msg16821.html

Note: See TracTickets for help on using tickets.