How safe is it work on a networked game with a stranger? .exe safety etc?

GoLionMk2 · March 29, 2020, 3:37am

I’m working with a developer more experienced that I am.
This is somebody I feel like I can trust but that I also don’t know well.

He sent me a packaged version of the client tonight, and I opened it to connect to the server he was hosting on his PC.

Windows Defender gave me the following error:

Name: Behavior:Win32/CredentialAccess.A!ml
ID: 2147739526
Severity: Severe
Category: Suspicious Behavior
Path: file:_J:\OurGame\WindowsNoEditor\OurGame\Binaries\Win64\OurGame.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
User: Admin-PC\Admin
Process Name: J:\WindowsNoEditor\OurGame.exe
Security intelligence Version: AV: 1.313.276.0, AS: 1.313.276.0, NIS: 1.313.276.0
Engine Version: AM: 1.1.16900.4, NIS: 1.1.16900.4

Has anyone run into this kind of thing before?

How concerned should one be when collaborating on networked games?

Any suggestions for safety precautions?

Thanks

GoLionMk2 · March 30, 2020, 2:29pm

bump
anyone have *any *thoughts?

Kinos141 · March 30, 2020, 3:46pm

As an IT professional in my day job, If it looks weird, delete it.

Ask him why it’s doing that and maybe have him resend. If it’s the same issue, then stop all work with him or find another way to share resources.
For all you know, his computer is unknowingly infected.

EvilCleric · March 30, 2020, 4:14pm

Have you run it with other AVs? Try virustotal to check if others AVs also detect something in that file.

GoLionMk2 · March 30, 2020, 8:22pm

Thanks both for the replies.

@Kinos141 Great to hear you have some professional experience.

My thought was it was *likely *some Windows Defender false positive type protective thing.
I would think a computer joining a server on another machine could easily be flagged as fishy by an OS, without there being any potential or intended danger.
On the other hand… Figured I’d ask anyone had any thoughts on the matter.

@EvilCleric I have not. Waiting on feedback about the Engine before before getting into any file analysis.

GoLionMk2 · March 31, 2020, 4:24pm

Just a quick update:

Running the .exe in VirusTotal comes back squeaky clean.

From my research online, it appears that Windows Defender is overly proactive.