I want to make a black campaign and my target is some consistently ignorant AntiVirus makers.
Thanks to virustotal.com for make this painless
1. gplc.exe (gnu prolog) https://www.virustotal.com/en/file/9e2acb4176669e48f7a0aadd3fcbb39ade979b8843be87db9da5a42fe10ec290/analysis/1362534179/
2. pack gplc.exe with UPX https://www.virustotal.com/en/file/381976956f94d747407e9beaa9231dacdbd6bc19093621cc8058a3bbd09f3b06/analysis/1362534370/
3. unpack packed gplc.exe with UPX https://www.virustotal.com/en/file/86323543730fc67432854d6ff4eceaa6b0a8096befbce37fa6062d9e4450d4ff/analysis/1362534576/
The suspect file http://osspack32.googlecode.com/files/GPLC.7z
And the award goes to:
Now that's just a simple case, but if an executable involving networking functionality the analysis of our AV "champion" will goes into cosmic territory and hallucination... such pathetic and irresponsible (they will rely on user report) behavior should never exist in a software of AntiVirus caliber. More.. some big company make actually malware-behaving software and force AV maker to whitelist them as reported by nirsoft. But when false-positive involve open source technology it become ignorance
UPX itself is an open source software to compress executable.
So stay tuned with this page for most updated list of antivirus whose programmer can't read any single line of UPX source codez. ha ha
So what? Why just "don't use UPX" and that "UPX is useless, bla bla... anyway" ?
Well because we're human dude, and we fix our mistake !