NppPluginTemplate.dll being flagged as a malicious false positive by multiple vendors

[thunderysteak]

The current NppPluginTemplate.dll from pluginTemplate.v4.4.bin.x64.zip in the latest Plugin Template for Notepad++ v4.4 release is falsely being flagged as malicious by 21 AV engines. This causes AV alarms for Notepad++ if the plugin template is installed.

https://www.virustotal.com/gui/file/9f8cbb70d655e691cfacb9377096bb88446af7cfbffe02c533c9c5cf1ae3e594/detection

I recommend submitting the binaries for Microsoft and Bitdefender to remove the false positive, as those are the two most popular AV solutions used. As I am not a N++ developer, I am unable to submit samples for analysis and false positive.

Link to submit a sample to Microsoft:
https://www.microsoft.com/en-us/wdsi/filesubmission

Link to submit a sample to Bitdefender:
https://www.bitdefender.co.uk/consumer/support/answer/88563/

[micsthepick]

is that just these "Cloud AV" vendors on VirusTotal, or did you get a notification from a reptuable AV solution on the desktop?

AliCloud
Suspicious
DeepInstinct
MALICIOUS
MaxSecure
Trojan.Malware.234237038.susgen
Rising
Trojan.Agent!8.B1E (CLOUD)
SecureAge
Malicious

if it's just those guys, then either let it alone, or tell it to them...

[thunderysteak]

At the time of writing this was being flagged by 21 vendors. Our SOC team has notified us back in January that NppPluginTemplate.dll was being flagged by Bitdefender and MDE as malicious.

We added the hash to exclusions so we didn't see any further alerts, but if VirusTotal says it's only being flagged by 5 vendors after six months this issue can be closed.