binaries icon indicating copy to clipboard operation
binaries copied to clipboard
verified publisher icon angr

tests/x86/windows/packed_pe32.exe flagged as trojan

Open eboling opened this issue 2 years ago • 1 comments

Description

The file tests/x86/windows/packed_pe32.exe is detected by McAfee as a trojan, and subjected to corporate quarantine policies. Since this repos is pulled as part of angr-dev, one can get an unexpected surprise. If it was intended that a binary with malware in it be provided as a test case, I would suggest that such binaries be sequestered in an optional repos specifically for that purpose.

Steps to reproduce the bug

No response

Environment

No response

Additional context

No response

eboling avatar Jul 25 '23 13:07 eboling

Just noticed this issue. We intentionally store malware samples in this repository because they are also legitimately test binaries. A long-term goal would be converting known malicious samples to CART files.

ltfish avatar Dec 10 '24 06:12 ltfish