numlck
There is no source code, therefore this cannot be trusted, please provide some source that this is 100% legitimate
Issue: This repo only contains an exe file and no source code has been provided. We don't know what happens behind the scenes when running this random executable. There's no guarantee that all it does is what is claimed.
Developers (and most users) only trust GitHub repositories with open-source code. Providing only an executable without the source code WILL lead to trust issues, as users cannot verify what the program does behind the scenes. Does it really just do what it claims to do or is there something else?
-> There are several layers of trust issues associated with downloading and using executable programs provided by anonymous or unknown individuals on GitHub.
If you need to distribute executables, GitHub offers a "Releases" feature. This is the only feature you need to use to distribute precompiled executables. This allows you to tag specific versions of your source code and attach compiled binaries as downloadable assets. Even here, you have to associate these binaries with their respective source code tags or branches.
Hosting an executable on GitHub, without source code, WILL also falsely communicate a sense of legitimacy or safety that is not guaranteed at all. GitHub is for open-source projects and collaborative software development. Users who don't know what they're doing might immediately just assume that all hosted content is trustworthy.
TL;DR We don't know what happens behind the scenes when running this executable, so please provide a source code or we'll personally report this repo to GitHub and announce that this cannot be trusted despite being on GitHub.
Moreover, not only your thing drops over one hundred files, but it also tries to see your public IP using ipify, could you explain?