Description
Hi Justine
Awesome work! Love it.
But I have a concern. I uploaded the compiled hello world binary to VirusTotal. It was flagged, cos the binary pings an IP apparently.
This happens only to freshly compiled binaries.
For binaries that have been executed on Linux once and then uploaded to VirusTotal, there are no flags.
Apparently, the binary calls home to Microsoft connection test servers and other IPs when run on Windows:

| Domain | Detections | Created | Registrar |
| --- | --- | --- | --- |
| img-prod-cms-rt-microsoft-com.akamaized.net | 0/90 | 2014-03-18 | Akamai Technologies, Inc. |
| www.msftconnecttest.com | 0/90 | 2014-04-04 | NOM-IQ Ltd dba Com Laude |

| IP | Detections | Autonomous System | Country |
| --- | --- | --- | --- |
| 23.215.176.152 | 0/90 | 20940 | US |
| 95.101.28.33 | 0/90 | 20940 | GB |
| 95.101.28.59 | 0/90 | 20940 | GB |
| 13.107.4.52 | 1/90 | 8068 | US |

The IP 13.107.4.52 is a flagged and suspicious one. It is hosted at Azure.
I have yet to see how VirusTotal parses this after I run the binaries on various other OSes and scan.
So far:
Linux: Works well, no flags in VirusTotal. But I am checking network usage / Wireshark to be sure.
Windows: Works well. VirusTotal flags it - on Windows, the binaries check for network.
Mac, BSD variants, to be tested soon.
Interesting: The zipped version of a fresh binary does not raise a flag on VirusTotal.
Hoping that you'll analyze what is happening on Windows.
Regards
Vulcan