MaxXor
commented
9 years ago Some people misuse ConfuserEx to obfuscate their malware. Because of slightly similar signatures after obfuscation your output becomes detected as malware too.
Closed ThinhVu closed 8 years ago
MaxXor
commented
9 years ago Some people misuse ConfuserEx to obfuscate their malware. Because of slightly similar signatures after obfuscation your output becomes detected as malware too.
alexmurari
commented
9 years ago Since many malware authors use ConfuserEx to protect their apps, the antiviruses detect some protections as virus.
For me, the only protection that is detected as virus is the anti-tamper (method encryption), disable it for executable modules (for dlls it´s no problem) and you should be fine.
ThinhVu
commented
9 years ago Thank for your answer :)
2015-07-20 23:07 GMT+07:00 MurariAlex notifications@github.com:
Since many malware authors use ConfuserEx to protect their apps, the antiviruses detect some protections as virus.
The only protection that is detected as virus is the anti-tamper (method encryption), disable it for executable modules (for dlls it´s no problem) and you should be fine.
— Reply to this email directly or view it on GitHub https://github.com/yck1509/ConfuserEx/issues/290#issuecomment-122929193.
ghost
commented
8 years ago Another thing that might work is using a simple method to scramble the executable; for example, store an encrypted version in a resource and decrypt it at runtime. You can even write a plugin for ConfuserEx!
When i scan obfuscated file with virustotal, they detect that obfuscated file contain virus. Anyone can explain that.