Post by The_Bastman in Full Service comments

Viewing post in Full Service comments

Hybrid analysis has flagged the .exe file as malicious with an 100/100 threat score.

Risk assesment includes

SpywareContains ability to open the clipboard
Contains ability to open the clipboard
Contains ability to read clipboard data
Contains ability to retrieve keyboard strokes
Found a string that may be used as part of an injection method
Sets a global windows hook to intercept mouse eventsFingerprintQueries kernel debugger information
Queries the display settings of system associated file extensionsEvasiveAble to check if a debugger is running
Contains ability to terminate a process
Reads VM-specific registry key
References security-related Windows services

Hope this is a false positive as the game looks promising.

Midnight Arcade7 days ago(+1)

Yeah, I've received a few reports of the game flagging anti-virus software. It's due to the .exe being compiled with GameMaker without a code signed certificate. I ran the file through Virustotal and it shows that there aren't any issues. Still frustrating though since the only solution to this apparently not happening is to pay security certifiers like $400 for a certificate which stops it from happening. I'll likely do that down the line once the project is generating enough support to make that investment make sense. As for the specific things about clipboards and keystrokes, it's just that GameMaker's runtime contains code for all GML (the language) functions which include things like clipboard capability.

There's nothing in the program that sends me or anyone any data or connects to any network and there are no registry or external calls. It's sandboxed to it's own save folder. Nothing malicious in the code. Sorry for the scare, though, it is annoying!

itch.io

Viewing post in Full Service comments