Jul 18, 2015 at 6:16 PM

justed tried for education purposes only.
Sophos found Mal/DotNet-C. Is it wrong because of a specific byte order or for sure?

Kind regards
Jul 19, 2015 at 7:20 AM
Thanks for your post.
I do not know the reason. The code majority is in two parts, one is to read CSS memory, and other part is for aimbot (auto focus on enemy). the aimbot is using native windows functions to determine whether Alt key is pressed or not (GetKeyState in user32.dll). Maybe that is reason that application is detected as malware (that fuction can be used can be used for keylogger).

I believe there is no hard coded byte array neither pre compiled part in this application, you can check whole source code as it is open (in source code tab in project home)