Suspicious lua script

replies

550

views

Hello guys. I found this lua script in a BMW M4, now taken down, named scripts/radarDetector/modscript.lua. Nothing looks suspicous, until i go check the behavior, and see it contacts a domain an IP address. It is also highlighted that it has potential defense invasions, but it could be false pos. Please let me know if my suspicions are rights, because I find it weird why a mod would need to contact anything outside.

BMW M4 VT: https://www.virustotal.com/gui/file/862a3311e8ef8e8cf8c55c71d97a40d793c6ac7828ffe426fcff02136272b239/relations

scripts/radarDetector/modscript.lua VT: https://www.virustotal.com/gui/file/266406ebb59150010fbe1a17308ad350d161be93d8b48fcb4eb0f2e5e4adb049

by Whisper1 5 months ago

anything that contacts a domain website is highly suspicious and should be removed off your computer (its not always like that though) but its safer than nothing

by 48Mod 5 months ago

Can you please help explain how you check this? Thanks

by spaminhaler456 5 months ago

@48Mod looked on the behavior tab for the lua and used gpt to help me ****zye this. Also posted this forum on other sites and every reply ive gotten has said its a virus or something malicious. You can see what domain thelua file contacts by going to the relations tab in VT.

by King Cool Guy 5 months ago

Yeah that's acting a bit weird no mod needs that activity

alexis is a shitty french

by xev 5 months ago

false positive i think lmk if im wrong tho

Reply to Suspicious lua script

Use @ to mention users.

Check out our new Discord server!

Suspicious lua script

Reply to Suspicious lua script