ditekshen / detection

Detection in the form of Yara, Snort and ClamAV signatures.

False Positive with AutoHotkey Compiles with MPRESS Compression #16

Closed KaptainCnuckz closed 1 year ago

KaptainCnuckz commented 1 year ago

I compiled a pretty basic AHK script into an EXE using MPRESS compression, and Virus Total was having a fit over it. https://www.virustotal.com/gui/file/70daa541f025d0cf534c7ffa3f69c11e73f283cb3ccf6de60d722bb53c37289c/detection/f-70daa541f025d0cf534c7ffa3f69c11e73f283cb3ccf6de60d722bb53c37289c-1673376163

Thankfully, the staff over at the website that used VirusTotal scans were kind enough to approve it anyway, but I thought I'd still mention it.

ditekshen commented 1 year ago

The rule INDICATOR_EXE_Packed_MPress does not say the file is bad. It just says the file is packed / compressed with MPress, which is what you said you did. Other AV detections are outside of my scope and I have zero knowledge of their detection content.