Jump to content

PyInstaller exe detected as PoetRAT

Recommended Posts

HI  I made a python app based on a python.py script and made it into an executable with pyinstaller, but immunet detects it as the following threat



Should I be worried or is this a false positive. As I said, I made the script and the executable with official source libraries, so I just want to know if this could be just a false positive. It's an industrial application so I can't share it. I've seen PoetRAT is related to industrial data like my app is, did that proc the alarm?

Edited by bkiller10
Link to comment
Share on other sites

Hi bkiller10,

Have you tried to use the Quarantine Restore feature for the script? If successfully restored from Quarantine that will automatically move the file to the Exclusion list so it will no longer be scanned.

I would also suggest you report this as a False Positive to the Immunet devs and since it's also a ClamAV detection to contact the ClamAV support folks at these URL's

Immunet Support: https://www.immunet.com/false_positive

ClamAV Support: https://www.clamav.net/reports/fp

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in

Sign In Now

  • Create New...