aandrew-me / ytDownloader

A modern GUI App for downloading Videos and Audios from hundreds of sites
https://ytdn.netlify.app/
GNU General Public License v3.0

VirusTotal scan matches critical Sigma rule #160

Closed RasheedAZ closed 1 year ago

RasheedAZ commented 1 year ago

Hi. Scanning the latest Windows binary https://github.com/aandrew-me/ytDownloader/releases/download/v3.14.2/YTDownloader_Win.exe gave me the following in VirusTotal Behavior:

Matches rule Oilrig by Ariel Millahuel at SOC Prime Threat Detection Marketplace

OilRig is an Iranian threat group operating primarily in the Middle East by targeting organizations in this region that are in a variety of different industries; however, this group has occasionally targeted organizations outside of the Middle East as well. It also appears OilRig carries out supply chain attacks, where the threat group leverages the trust relationship between organizations to attack their primary targets.

Link:

https://www.virustotal.com/gui/file/efa0f9973c9bbebccd01f2ae59d8d273f590dd2ef8e3dde6e368c65571875159/behavior

Is this normal behaviour or should I uninstall it?

aandrew-me commented 1 year ago

Why are you asking me if you should uninstall it 😆 ? No antivirus flagged it and source code is open. I don't know what that behavior is. I can assure that it's safe, but the choice is always yours...

RasheedAZ commented 1 year ago

Not sure who else to ask... Thanks for replying :)