torakiki / pdfsam

PDFsam, a desktop application to split, merge, mix, rotate PDF files and extract pages
https://pdfsam.org
GNU Affero General Public License v3.0

Installer flagged as Malicious #589

Closed shadowoffice closed 2 months ago

shadowoffice commented 3 months ago

Hello, after a few scans on a few websites, your project was detected as a virus for scanning bank accounts....

https://www.hybrid-analysis.com/sample/6762a15aebfcffe378eb90e95565df77fb8b5abf7dae7567b0501898726bc29b/666090e8b9c0188ec8025f4d

shadowoffice commented 3 months ago

Found Source code ... https://github.com/DarkenCode/yara-rules/blob/master/malware/Bolonyokte.yar

torakiki commented 2 months ago

These are the VirusTotal analyses: this is the Downloader https://www.virustotal.com/gui/file/b7e27b358d71850689d70364c0859fa87725fdbe25f05d9c9d718884804a7c84/detection and this is the MSI installer https://www.virustotal.com/gui/file/62e082cc9bd2ead4a17b88145de489ba37a410c880c2be368f17316a2cd37cd2

The only one flagging the Downloader is Dr.Web, and we tried to report the false positive with no luck. The Downloader does offer to try PDFsam Enhanced (this should be super clear on the website), and that's usually what bothers some AntiVirus products into flagging the downloader as a PUP (Potentially Unwanted Program). The MSI doesn't offer anything, and you can find the WiX sources in the repo.
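A practical check for anyone following this thread is to confirm that the file they downloaded is the same artifact that was analysed, before trusting or distrusting the scan result. The script below is an added example, not part of PDFsam or this thread; the two SHA-256 values are copied from the VirusTotal links above, and the sample file it writes is constructed.

```python
import hashlib
import re
from pathlib import Path

# SHA-256 digests taken from the VirusTotal links posted in this issue.
# The descriptions summarise what the thread reports about each file.
KNOWN_ARTIFACTS = {
    "b7e27b358d71850689d70364c0859fa87725fdbe25f05d9c9d718884804a7c84":
        "PDFsam Downloader (only Dr.Web flags it, as a PUP offer for PDFsam Enhanced)",
    "62e082cc9bd2ead4a17b88145de489ba37a410c880c2be368f17316a2cd37cd2":
        "PDFsam MSI installer (no detections reported; built from the WiX sources in the repo)",
}

HEX_SHA256 = re.compile(r"^[0-9a-f]{64}$")


def sha256_of_bytes(data: bytes) -> str:
    """Return the lowercase hex SHA-256 of an in-memory byte string."""
    return hashlib.sha256(data).hexdigest()


def sha256_of_file(path, chunk_size: int = 1 << 20) -> str:
    """Stream a file through SHA-256 so large installers do not need to fit in memory."""
    digest = hashlib.sha256()
    with Path(path).open("rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            digest.update(block)
    return digest.hexdigest()


def virustotal_url(digest: str) -> str:
    """Build the VirusTotal file-report URL for a SHA-256 (same scheme as the links in the thread)."""
    return f"https://www.virustotal.com/gui/file/{digest}"


def classify(digest: str, known=KNOWN_ARTIFACTS):
    """Map a digest to a known artifact. Returns (description or None, report URL).

    None means the file is not one of the samples discussed here, so the thread's
    conclusions do not apply to it and it should be checked on its own.
    """
    digest = digest.strip().lower()
    if not HEX_SHA256.match(digest):
        raise ValueError("expected a 64-character hex SHA-256 digest")
    return known.get(digest), virustotal_url(digest)


def check_file(path):
    """Hash a downloaded file and report whether it matches an artifact from this issue."""
    return classify(sha256_of_file(path))
```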