Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Monkey flagged on Windows Defender with signature Exploit:Python/MS08067.G!MSR and Trojan:Win32:Wacatac.D6!ml #801

Closed
ShayNehmad opened this issue Aug 24, 2020 · 0 comments · Fixed by #807
Closed

Monkey flagged on Windows Defender with signature Exploit:Python/MS08067.G!MSR and Trojan:Win32:Wacatac.D6!ml #801

ShayNehmad opened this issue Aug 24, 2020 · 0 comments · Fixed by #807
Assignees
@VakarisZ
Labels
Bug An error, flaw, misbehavior or failure in the Monkey or Monkey Island.
Milestone
1.10.0

Comments

@ShayNehmad
Copy link
Contributor

ShayNehmad commented Aug 24, 2020
edited by VakarisZ
Loading

Describe the bug

seems like updated Defender doesn't like the new version 😞 See attached image.
It's probably a binary signature on the Python shellcode from here: https://github.com/guardicore/monkey/blob/develop/monkey/infection_monkey/exploit/win_ms08_067.py

To Reproduce

Steps to reproduce the behavior:

  • Run monkey with Windows defender enabled
  • As soon as monkey unpacks it's contents, ms08_067.py gets tagged as a threat.

Expected behavior

Monkey shouldn't trip AV. We need to employ basic evasion techniques so that our users experience seamless operation on Windows machines.

Screenshots

image

Machine version (please complete the following information):

  • OS: Windows
@ShayNehmad ShayNehmad added the Bug An error, flaw, misbehavior or failure in the Monkey or Monkey Island. label Aug 24, 2020
@ShayNehmad ShayNehmad added this to the 1.10.0 milestone Aug 24, 2020
@VakarisZ VakarisZ added the e/2 label Aug 25, 2020
@VakarisZ VakarisZ mentioned this issue Aug 27, 2020
Merged
4 tasks
@VakarisZ VakarisZ mentioned this issue Jan 21, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@VakarisZ VakarisZ

Labels
Bug An error, flaw, misbehavior or failure in the Monkey or Monkey Island.
Projects
None yet
Milestone
1.10.0
Development

Successfully merging a pull request may close this issue.

Ms08-067exploiter bugfixes, Defender evasion VakarisZ/monkey
2 participants
@VakarisZ @ShayNehmad