Microsoft Defender and other Anti Virus software detect trojan:win32/wacatac.b!ml and other threats.

AmitSriAmitSri Posts: 1 New member
in SmartAssembly
After securing the .net executable using the SmartAssembly 8.0 Software. Windows Defender detects "trojan:win32/wacatac.b!ml" in the upload executable. There are other executables as well, those are working fine and no threat detect in that.

We have scanned the executable using the online tool suggested in the following link. it detected other threats please check the attached screen shot. Please let us know the solution. We have also submitted the binary to Microsoft Defender Portal for review.

https://forum.red-gate.com/discussion/87927/antivirus-blocks-smart-assembly

https://www.virustotal.com/


Tagged:
· Share on Twitter

Answers

  • Peter_LawsPeter_Laws Posts: 289 Silver 2
    Thank you for submitting it for Microsoft's review AmitSri, based on past experience that is the most effective measure that can be taken. Additionally, more security vendors are unwilling to review based on the work of 3rd parties and will only accept review requests from affected customers such as yourself.

    All obfuscation software is periodically marked by automated protection patterns because bad actors often obfuscate their payloads to improve the odds it will bypass detection. The false positive typically only lasts a short time until they are updated.
     
    If you scan it with another security product that uses different patterns it likely won't be flagged. Your diligence is much appreciated; if you remain concerned please hold off on using at first while the patterns are updated and MS review.
    Kind regards
    Peter Laws | Redgate Software
    Have you visited our Help Center?
    · Share on Twitter
Sign In or Register to comment.