---
tags:
- ml-intern
---
# MoneyPack Security Suite v5.0

**Created by MoneyPack**

Advanced Anti-Malware & RAT Detection - **ZERO False Positives** edition.

## What's New in v5.0

- **ZERO false positives** - Never flags system files, Python libs, .NET DLLs, or legitimate software
- **Kill or Quarantine** - When threats ARE found, you choose: delete permanently or isolate
- **Smart detection** - Only flags files with MULTIPLE confirmed malware indicators
- **System-aware** - Auto-whitelists Windows, Python, Program Files, .NET paths

## Download & Run

```
python moneypack_security.py
```

## Build .EXE

```
pip install pyinstaller psutil rich
pyinstaller --onefile --console --name MoneyPack_Security moneypack_security.py
```

Find your EXE at: `dist\MoneyPack_Security.exe`

## How Detection Works (No More False Positives)

The old version flagged anything containing `/bin/sh` or `cmd.exe /c`. That's dumb - every Python install has those.

v5.0 uses **multi-indicator analysis**:
- Files in system folders (Python, Windows, Program Files) = ALWAYS skipped
- .NET DLLs with dots in names (Colors.Net.dll) = recognized as legitimate
- A file needs **3+ confirmed malware behaviors together** to be flagged:
  - Encoded PowerShell + hidden window + bypass
  - Download cradle + code execution
  - Keylogger APIs + hook APIs together
  - Process injection technique (VirtualAlloc + WriteProcessMemory + CreateRemoteThread)
  - Ransomware indicators (encrypt + bitcoin + shadow deletion)
  - Cryptominer signatures (stratum, xmrig, monero)

Single patterns alone = ignored (too many false positives).
Multiple patterns combined = confirmed malware.
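
The combination rule described above, as an added sketch that is not taken from `moneypack_security.py`. The allowlist roots, the regexes, the specific API names in the keylogger group and the function names are assumptions, and a combination counts only when every indicator in it is present.

```python
import re
from pathlib import PureWindowsPath

# Assumed allowlist roots; the page names Windows, Python, Program Files and .NET paths.
SKIP_ROOTS = [PureWindowsPath(p) for p in (r"C:\Windows", r"C:\Program Files", r"C:\Python311")]

# Combinations come from the page's list; the regexes themselves are assumptions.
GROUPS = {
    "encoded_powershell": [r"-enc(odedcommand)?\b", r"-w(indowstyle)?\s+hidden",
                           r"-e(xecutionpolicy|p)\s+bypass"],
    "process_injection": [r"VirtualAlloc", r"WriteProcessMemory", r"CreateRemoteThread"],
    "keylogger": [r"GetAsyncKeyState", r"SetWindowsHookEx"],
}

def is_skipped(path):
    """True when path sits under an allowlisted root (Windows paths compare case-insensitively)."""
    p = PureWindowsPath(path)
    return any(root in p.parents for root in SKIP_ROOTS)

def matched_groups(text):
    """Names of combinations whose indicators are ALL present; lone hits are ignored."""
    return [name for name, pats in GROUPS.items()
            if all(re.search(p, text, re.IGNORECASE) for p in pats)]

def scan(path, text):
    """Return (verdict, groups) where verdict is 'skipped', 'clean' or 'flagged'."""
    if is_skipped(path):
        return ("skipped", [])
    groups = matched_groups(text)
    return ("flagged", groups) if groups else ("clean", [])

if __name__ == "__main__":
    # Constructed sample inputs, not real files.
    samples = [
        (r"C:\Users\a\Downloads\build.py", 'subprocess.run("cmd.exe /c dir")'),
        (r"C:\Users\a\Downloads\x.bin", "VirtualAlloc WriteProcessMemory CreateRemoteThread"),
        (r"C:\Users\a\Downloads\y.bin", "VirtualAlloc WriteProcessMemory"),
        (r"c:\windows\Temp\x.bin", "VirtualAlloc WriteProcessMemory CreateRemoteThread"),
    ]
    for path, text in samples:
        print(path, scan(path, text))
```

The last sample shows the cost of skipping by path: identical content is never inspected once it sits under an allowlisted root, so those directories need coverage from another control.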

## Features

| Feature | Description |
|---------|-------------|
| Quick Scan | Scans Downloads, Desktop, Temp |
| Full Scan | Deep scan any directory you choose |
| Process Hunter | Finds RAT processes, option to KILL |
| Network Guard | Detects C2 callbacks & reverse shells |
| Real-Time Guard | Continuous background monitoring |
| Quarantine Vault | Isolate threats safely |
| Threat Log | History of all detections & kills |

## Supported Platforms

- Windows 10/11
- Linux
- macOS

<!-- ml-intern-provenance -->
## Generated by ML Intern

This model repository was generated by [ML Intern](https://github.com/huggingface/ml-intern), an agent for machine learning research and development on the Hugging Face Hub.

- Try ML Intern: https://smolagents-ml-intern.hf.space
- Source code: https://github.com/huggingface/ml-intern

## Usage

```python
from transformers import AutoModelForCausalLM, AutoTokenizer

model_id = "MoneyPack/MoneyPack-Security-Suite"
tokenizer = AutoTokenizer.from_pretrained(model_id)
model = AutoModelForCausalLM.from_pretrained(model_id)
```

For non-causal architectures, replace `AutoModelForCausalLM` with the appropriate `AutoModel` class.