0

I am compiling the following source code:

#include <stdio.h>

int main()
{
        printf("Hello World!");
}

As you can see, it's just a normal program that print out Hello World! to console, there is no way this can harm your computer :)

I compiled it using x86_64-w64-mingw32-gcc on Linux host with the version:

x86_64-w64-mingw32-gcc (GCC) 10-win32 20210110
Copyright (C) 2020 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

But when I compile it with x86_64-w64-mingw32-gcc test.c -Ofast -o hello.exe (you can get the binary here, I uploaded it to paste.c-net.org), then upload it to Virustotal, it got 3/68 detections:

detections

Compiling with default optimize level (without -Ofast) x86_64-w64-mingw32-gcc hello.c -o hello1.exe (you can get the binary here) results in a lot more detections:

detections

How on Earth is that possible?

schroeder
  • 123,438
  • 55
  • 284
  • 319
raspiduino
  • 111
  • 4
  • 2
    This question is similar to [this one](https://stackoverflow.com/questions/72423479/is-microsoft-using-a-tcp-connection-in-a-simple-c-program/72424835#72424835). In many cases the reports of Virustotal are misleading. – mentallurg Jun 02 '22 at 07:30
  • It's flagged as malicious, because, as you can see, it is making connections to IPs and creating files. The linked report above explains the effect. – schroeder Jun 02 '22 at 08:04
  • 1
    @mentallurg we are getting quite a few of this same question the past couple of weeks. The dupe I linked to includes a fix. Should we create an answer to that dupe or make a canonical to point all these questions to? – schroeder Jun 02 '22 at 08:08
  • @schroeder: Yes, it is a good idea. – mentallurg Jun 02 '22 at 20:11

0 Answers0