C programs getting detected as Malware

Question

Recently my C programs started to act weirdly and I had no idea why... Then I realized that they were being flagged by my antivirus program as malware... First I thought there's a malware in my compiler (I'm using CodeBlocks IDE with MinGW-GCC as c compiler), Antivirus scan returned nothing.

So I started experimenting on it...

I wrote a simple hello world using c

#include <stdio.h>

int main() {
    printf("Hello");
    return 0;
}

Soon as I compiled it windows defender flagged it as Trojan:Win32/Fuerboos.C!cl : Threat level Severe

So I uploaded the exe to VirusTotal VirusTotal results

30 engines flagged the file as malware...

Also gmail doesn't allow you to attach it as an executable file...

Is anyone experiencing this? Could someone explain this to me?

What is the size of your compiled file for your hello example? — Hoppo, Jun 28 '20 at 13:11
FWIW I just submitted the Hello World executable (using `puts`) to VirusTotal and three didn't like it: SecureAge APEX (malicious), Bkav (malware), Cylance (unsafe). — Weather Vane, Jun 28 '20 at 13:13
@SupulEdirisinghe Can you give a link? There's MinGW, MinGW-w64, and at least the latter has several different distributions. — HolyBlackCat, Jun 28 '20 at 13:17
My compiled binary using gcc is 8k.Uploaded to Virus Total with zero flags. — Hoppo, Jun 28 '20 at 13:17
@HolyBlackCat i downloaded it from mingw.org https://osdn.net/projects/mingw/releases/ — Supul Edirisinghe, Jun 28 '20 at 13:50
compiling your program on PI4 raspbian gcc 8.3.6 : *No engines detected this file* — bruno, Jun 28 '20 at 13:58
@bruno virus engines only detect exe files... it doesn't catch .o files or anything — Supul Edirisinghe, Jun 28 '20 at 13:59

score -3 · Answer 1 · answered Jun 28 '20 at 12:56

-3

It could be you are really having a malware or it is a security risk as mentioned here: https://en.wikipedia.org/wiki/Uncontrolled_format_string . Try using puts to see if you still have the issue

answered Jun 28 '20 at 12:56

user13824026

18
2

Your link says *"use of unchecked user input as the format string parameter"*. OP's format string is hardcoded rather than inputted. – HolyBlackCat Jun 28 '20 at 13:00

C programs getting detected as Malware

1 Answers1

Linked