Trojan:Win32/CobaltStrike.UTA!MTB when compiling #2869
Replies: 2 comments
-
There's a whole step explaining that you should add the build folder to a whitelist for Windows Defender. As such, I did that so I got no warnings from it.
-
That's not exactly how heuristic scans work nowadays... it's not as simplistic as "because they can" but rather because the scan does actually detect a pattern matching malicious activity... I would be careful here and not treat everything as false positives... My 2 cents 🙂
-
When running the script, Windows Defender reports that it detects this threat in the following locations:
C:\mabs\build\SDL-git\build-32bit\conftest.exe
C:\mabs\msys64\tmp\ffconf.3FVXRgXj\test.exe (and in other directories under 'tmp')
I'm guessing these are false positives. Windows quarantines or removes the files and my machine seems unaffected. I Googled to see if others had experienced the same thing, but my search turned up empty. I just thought I would bring this to the community's attention, in case others experience the same thing. And, to ask if these are indeed false positives.