| --- |
| tags: |
| - ml-intern |
| --- |
| # MoneyPack Security Suite v5.0 |
|
|
| **Created by MoneyPack** |
|
|
| Advanced Anti-Malware & RAT Detection - **ZERO False Positives** edition. |
|
|
| ## What's New in v5.0 |
|
|
| - **ZERO false positives** - Never flags system files, Python libs, .NET DLLs, or legitimate software |
| - **Kill or Quarantine** - When threats ARE found, you choose: delete permanently or isolate |
| - **Smart detection** - Only flags files with MULTIPLE confirmed malware indicators |
| - **System-aware** - Auto-whitelists Windows, Python, Program Files, .NET paths |
|
|
| ## Download & Run |
|
|
| ``` |
| python moneypack_security.py |
| ``` |
|
|
| ## Build .EXE |
|
|
| ``` |
| pip install pyinstaller psutil rich |
| pyinstaller --onefile --console --name MoneyPack_Security moneypack_security.py |
| ``` |
|
|
| Find your EXE at: `dist\MoneyPack_Security.exe` |
|
|
| ## How Detection Works (No More False Positives) |
|
|
| The old version flagged anything containing `/bin/sh` or `cmd.exe /c`. That's dumb - every Python install has those. |
|
|
| v5.0 uses **multi-indicator analysis**: |
| - Files in system folders (Python, Windows, Program Files) = ALWAYS skipped |
| - .NET DLLs with dots in names (Colors.Net.dll) = recognized as legitimate |
| - A file needs **3+ confirmed malware behaviors together** to be flagged: |
|   - Encoded PowerShell + hidden window + bypass |
|   - Download cradle + code execution |
|   - Keylogger APIs + hook APIs together |
|   - Process injection technique (VirtualAlloc + WriteProcessMemory + CreateRemoteThread) |
|   - Ransomware indicators (encrypt + bitcoin + shadow deletion) |
|   - Cryptominer signatures (stratum, xmrig, monero) |
|
|
| Single patterns alone = ignored (too many false positives). |
| Multiple patterns combined = confirmed malware. |
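
The following is an added example, not code from `moneypack_security.py`, showing the grouping idea described above: a file is flagged only when every indicator in at least one group is present. The group names, regexes, function names and sample strings are assumptions constructed for illustration.

```python
import re

# Indicator groups taken from the README's list. The regexes are assumptions
# for illustration, not the patterns moneypack_security.py actually uses.
GROUPS = {
    "encoded_powershell": [r"-enc(odedcommand)?\b", r"hidden", r"bypass"],
    "process_injection": [r"VirtualAlloc", r"WriteProcessMemory", r"CreateRemoteThread"],
    "cryptominer": [r"stratum", r"xmrig", r"monero"],
}
COMPILED = {
    name: [re.compile(p, re.IGNORECASE) for p in pats]
    for name, pats in GROUPS.items()
}


def matched_groups(text):
    """Return the names of groups whose indicators ALL occur in text."""
    return [
        name
        for name, pats in COMPILED.items()
        if all(p.search(text) for p in pats)
    ]


def is_flagged(text):
    """Flag only when at least one complete indicator group is present."""
    return bool(matched_groups(text))


# Constructed sample inputs (not real files).
SAMPLES = {
    # Lone shell strings, as found in ordinary Python code: ignored.
    "installer.py": 'subprocess.run("cmd.exe /c echo done")  # fallback /bin/sh',
    # One injection API on its own: ignored.
    "partial.c": "buf = VirtualAlloc(NULL, size, MEM_COMMIT, PAGE_READWRITE);",
    # All three injection APIs together: flagged.
    "injector.c": "VirtualAllocEx(h); WriteProcessMemory(h); CreateRemoteThread(h);",
    # Plain text that merely names the three APIs: also flagged.
    "rule_notes.txt": "Alert when VirtualAlloc, WriteProcessMemory and CreateRemoteThread co-occur.",
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(f"{name:16} flagged={is_flagged(text)} groups={matched_groups(text)}")
```

Co-occurrence is still a string heuristic: the constructed `rule_notes.txt` sample only names the three APIs in prose and still satisfies the `process_injection` group.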
|
|
| ## Features |
|
|
| | Feature | Description | |
| |---------|-------------| |
| | Quick Scan | Scans Downloads, Desktop, Temp | |
| | Full Scan | Deep scan any directory you choose | |
| | Process Hunter | Finds RAT processes, option to KILL | |
| | Network Guard | Detects C2 callbacks & reverse shells | |
| | Real-Time Guard | Continuous background monitoring | |
| | Quarantine Vault | Isolate threats safely | |
| | Threat Log | History of all detections & kills | |
|
|
| ## Supported Platforms |
|
|
| - Windows 10/11 |
| - Linux |
| - macOS |
|
|
| <!-- ml-intern-provenance --> |
| ## Generated by ML Intern |
|
|
| This model repository was generated by [ML Intern](https://github.com/huggingface/ml-intern), an agent for machine learning research and development on the Hugging Face Hub. |
|
|
| - Try ML Intern: https://smolagents-ml-intern.hf.space |
| - Source code: https://github.com/huggingface/ml-intern |
|
|
| ## Usage |
|
|
| ```python |
| from transformers import AutoModelForCausalLM, AutoTokenizer |
| |
| model_id = "MoneyPack/MoneyPack-Security-Suite" |
| tokenizer = AutoTokenizer.from_pretrained(model_id) |
| model = AutoModelForCausalLM.from_pretrained(model_id) |
| ``` |
|
|
| For non-causal architectures, replace `AutoModelForCausalLM` with the appropriate `AutoModel` class. |
|
|