Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

转后的exe,360提示有木马,需要处理吗? #10

Closed
wuchao288 opened this issue May 18, 2024 · 2 comments
Closed

转后的exe,360提示有木马,需要处理吗? #10

wuchao288 opened this issue May 18, 2024 · 2 comments
Assignees

Comments

@wuchao288
Copy link

类型:木马-Win32/Trojan.Generic.HwMAaVcA
描述:木马是一种伪装成正常文件的恶意软件,会盗取您的帐号、密码等隐私资料。
扫描引擎:云安全引擎
文件路径:C:\Users\Administrator\Desktop\upload_to_ftp.exe
文件大小:27K (27,648 字节)
文件指纹(MD5):53f13f069223cbf67ee5deb221b916da
处理建议:隔离文件

@brandoncomputer
Copy link
Contributor

I have spent a lot of time attempting to get these types of compilers to clear VirusTotal.com. You will not be able to clear them all.

You may want to try to sign your code with a self signed certificate. That will help in some cases.

New-SelfSignedCertificate -DnsName [email protected] -Type CodeSigning -CertStoreLocation cert:\CurrentUser\My
Export-Certificate -Cert (Get-ChildItem Cert:\CurrentUser\My -CodeSigningCert)[0] -FilePath code_signing.crt
Import-Certificate -FilePath .\code_signing.crt -Cert Cert:\CurrentUser\TrustedPublisher
Import-Certificate -FilePath .\code_signing.crt -Cert Cert:\CurrentUser\Root
Set-AuthenticodeSignature 'c:\myexe\myexe.exe' -Certificate (Get-ChildItem Cert:\CurrentUser\My -CodeSigningCert)

@Taromatibot
Copy link
Collaborator

嗨wuchao288!
收到你的反馈啦!谢谢你的宝贵意见!👌
Hi wuchao288!
Thanks for your feedback! I really appreciate it!👌

首先要说明的是,ps12exe本身没有任何恶意代码哦。之所以被标记为高危,是因为曾经有坏人用PowerShell脚本生成恶意代码,所以现在杀毒软件会对这类文件比较敏感。🥹
ps12exe是一个纯脚本模块,你可以随时查看它的源代码,确认它没有任何安全问题。
如果你还是不放心dll文件依赖,可以从官方项目下载对应文件,替换src/bin文件夹中的同名文件即可。
First of all, I want to let you know that ps12exe does NOT contain any malicious code. It's been flagged as high risk because some bad guys used PowerShell scripts to create malware in the past, so antivirus software is now more sensitive to this type of file. 🥹
ps12exe is a pure script module, which means you can always check its source code to make sure it's safe.
If you're still not sure about the dll file dependencies, you can download the corresponding files from the official project and replace the ones in the src/bin folder.

如果你的exe文件被误报,咱觉得最可靠的方法是向杀毒软件厂商进行申诉,帮助他们把你的exe文件从高危名单中移除。🐛
If your exe file is falsely flagged, I think the best way to get rid of it is report to the antivirus software company and help them remove your exe from the high-risk list. 🐛

最后,再次感谢你的反馈!
这个commit是由咱自动判断issue内容并自动回复的,存在误判的可能。不用担心,如果还有任何疑问,随时可以重新打开这个issue,我会一直在这里哒!😜
Finally, thanks again for your feedback!
This commit is auto judged by me and auto replied, there may be mistakes. But don't worry, if you have any other questions, feel free to reopen this issue, I'll always be here! 😜

祝你每天都开开心心,像吃了蜜一样甜!🥰
Hope you have a sweet and lovely day! 🥰

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants