Kaspersky is detecting Rust compiled executables as Trojans.

[sameert89]

I am a software developer and have used KTS for years. I recently started learning Rust, when I built a simple "Hello World" program, KTS won't let it run. It keeps deleting the executable and displaying it as VHO:Trojan.Win32.Sdum.gen. Please fix this, I am using the official rustc compiler.  

[Berny]

@sameert89 Welcome.

Please submit the executable to https://opentip.kaspersky.com and ask for reanalyze.

[sameert89]

I have submitted it, opentip says the file is safe somehow, still I submitted it. Here is the virustotal summary https://www.virustotal.com/gui/file/0dc84444121bd401b7942cfb7299d59c53311ccff34d268a3ca20e3b1d5ce0cf/detection

24 hours after submitting to opentip the label has changed from VHO:Trojan.Win32.Sdum.gen to UDS:Trojan.Win32.Inject

[harlan4096]

I have just reported as FP...

[harlan4096]

[sameert89]

Thanks, it no longer blocks my RUST programs. 

[ishaaq_ziyan]

@harlan4096sir, I would like to submit a false positive on a rust crate here.
Here is the analysis report for your reference 
https://opentip.kaspersky.com/9061C21AA0333D234636E5E48E2B61379AA9BC31259AB5D7740AF975825FBE21/results?tab=upload
Thanks and I look forward for a reply from you.

 

[harlan4096]

Just follow this procedure:

 

 

[Rodo]

On 7/16/2023 at 1:27 PM, Berny said:

@sameert89 Welcome.

Please submit the executable to https://opentip.kaspersky.com and ask for reanalyze.

Hello I developer and i developing a desktop aplication at Visual Studio 2022, tha aplication is new just a main windows form. and kaspersky detected the excecutable file as a virus.
This is a issue. i need to continue but a cant do it. 

 

Thanks a lot in advance!

[harlan4096]

Please, if it is a false positive, check my previous post, also you can report it via K. Support

[Guilhermesene4096]

@RodoWelcome

Add the folder or file to the exclusion list, so Kaspersky won't detect it (only if you really trust the application and know it's really safe - at your own risk)

 

 Add file and folders to exclusions ↓

 

Spoiler

• Open the Kaspersky interface
• In the lower left corner select the gear symbol (setting)
• Click "Security Settings"
• Scroll down and click → Exclusions and actions on object detection
• Scroll down again and click → Manage exclusions
• Click "Add"
• Under "File or folder", select the file or folder to exclude from scanning
• Under Protection components, select "All components" or a specific component you want
• Under "Status", select → Active
• Click → Add
• Click → Ok
• Click → Save

 

Additionally, please send the file to Kaspersky Virus Lab for analysis

 

To do this, do:

Spoiler

• Go to the site → KasperskyThreat Intelligence Portal
• On the bottom left-hand side of the page, click on → Sign in
• After logging in with your My Kaspersky account click on the → File Analysis tab
• In the "Drag & drop to upload" field click → Add File
• Select the file you want to send for analysis
• (optional) If you want the analysis to be hidden from other Kaspersky users, check the box → Private submission
• To send the file, click → Analyze
• Wait for the complete result (this may take a few minutes).
• NOTE: The analysis tool is limited to just 1 file per day.

Edited February 8 by Guilhermesene4096