If I had to guess, the scanners are picking up on the fact that it’s UPX-packed ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		nneonneo on Nov 14, 2020 \| parent \| context \| favorite \| on: Universal DOOM – a single EXE for DOS 6, and Windo... If I had to guess, the scanners are picking up on the fact that it’s UPX-packed with funny headers. I don’t know how much my word is worth, but I give you my word that I compiled the binary from source and there’s nothing malicious in there. You’re welcome to upx -d the binary to check this yourself, or build your own copy with the instructions in the repo if you’re in doubt :)

NuSkooler on Nov 14, 2020 [–]

Mostly just pointing it out. I think you're probably right as to the "why". UPX/packers often flag this sort of thing.

I'm assuming the Registry keys and the like are from the statically linked in libs.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact