
True Recursive _FileListToArray


mLipok

Windows Defender does not have reliable detection consistency; each user has a different experience with files. I guess it depends on the heuristics and origin of the files.

I have also found that not using UPX greatly reduces false positives... I had 46 detections when using UPX, went down to 2 without UPX :blink:.

EasyCodeIt - A cross-platform AutoIt implementation - Fund the development! (GitHub will double your donations for a limited time)

DcodingTheWeb Forum - Follow for updates and Join for discussion


On 11/24/2017 at 4:47 AM, Deye said:

 Bad rep added : How to prevent static AV detection ?

posted just a few days ago : https://threatpost.com/autoit-scripting-used-by-overlay-malware-to-bypass-av-detection/128845/

 

While 1

For every post in the "is my exe really infected" thread, there is an article about malware authors compiling with AutoIt to obfuscate signatures.

Wend


