PS2EXE icon indicating copy to clipboard operation
PS2EXE copied to clipboard
verified publisher icon MScholtes

The module may have listeners

Open lypacd opened this issue 2 years ago • 3 comments

I scanned the file with the threatbook sandbox and there were some high-risk behaviors, how can this be explained

lypacd avatar Sep 26 '23 02:09 lypacd

Hello @lypacd,

please do not blame without proof, where is a screenshot or a list of "high-risk behaviors"? And what is "the file"?

Greetings

Markus

MScholtes avatar Sep 26 '23 14:09 MScholtes

This is the positives the .exe files created from this script gives.

f3cdfd3940e5e3fe9f3d6392f35d257b

Kleerkastje avatar Oct 27 '23 22:10 Kleerkastje

Hello @Kleerkastje,

PS2EXE compiles Powershell scripts into an EXE file. This behaviour is of course suspicious and is reported by many virus scanners, as PS2EXE is unfortunately also misused for malware.

The origins of PS2EXE were in a more peaceful time. My latest change made it easier for virus scanners to detect malicious behaviour of scripts as I no longer want to support malicious scripters. Therefore there are now more finds on Virustotal. The best way out is to report the finding as a false alarm (if so) and to certify your compiled script.

Greetings

Markus

MScholtes avatar Oct 29 '23 17:10 MScholtes