rathole icon indicating copy to clipboard operation
rathole copied to clipboard
verified publisher icon rapiz1

Windows reported Trojan:Win32/Malgent!MTB on .exe version 0.5.0

Open gilsonwindsoft opened this issue 1 year ago • 5 comments

Windows antivirus was reported Trojan:Win32/Malgent!MTB in .exe version 0.5.0 Version 0.4.8 don't report any problem

gilsonwindsoft avatar Sep 04 '24 17:09 gilsonwindsoft 

PS C:\Users\SantiiRepair\Documents\GitHub\ratconn> scoop install rathole 
Installing 'rathole' (0.5.0) [64bit] from 'main' bucket
rathole-x86_64-pc-windows-msvc.zip (1.6 MB) [================================================================================================================] 100%
Checking hash of rathole-x86_64-pc-windows-msvc.zip ... Get-FileHash : The file 'C:\Users\SantiiRepair\scoop\apps\rathole\0.5.0\rathole-x86_64-pc-windows-msvc.zip' cannot be read: Operation did not complete
successfully because the file contains a virus or potentially unwanted software.
At C:\Users\SantiiRepair\scoop\apps\scoop\current\lib\install.ps1:634 char:16
+     $actual = (Get-FileHash -Path $file -Algorithm $algorithm).Hash.T ...
+                ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ReadError: (C:\Users\Santii...indows-msvc.zip:PSObject) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : FileReadError,Get-FileHash

You cannot call a method on a null-valued expression.
At C:\Users\SantiiRepair\scoop\apps\scoop\current\lib\install.ps1:634 char:5
+     $actual = (Get-FileHash -Path $file -Algorithm $algorithm).Hash.T ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : InvokeMethodOnNull

Get-Content : Operation did not complete successfully because the file contains a virus or potentially unwanted software.
At C:\Users\SantiiRepair\scoop\apps\scoop\current\lib\core.ps1:1379 char:16
+         return Get-Content $file -Encoding byte -TotalCount 8
+                ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ReadError: (C:\Users\Santii...indows-msvc.zip:String) [Get-Content], IOException
    + FullyQualifiedErrorId : GetContentReaderIOError,Microsoft.PowerShell.Commands.GetContentCommand

ERROR Hash check failed!
App:         main/rathole
URL:         https://github.com/rapiz1/rathole/releases/download/v0.5.0/rathole-x86_64-pc-windows-msvc.zip
First bytes:
Expected:    2f3b4900a63d32a14e1578b2de68f78daad89b7c47b9388c26d922962faef430
Actual:

Please try again or create a new issue by using the following link and paste your console output:
https://github.com/ScoopInstaller/Main/issues/new?title=rathole%400.5.0%3a+hash+check+failed

SantiiRepair avatar Sep 07 '24 23:09 SantiiRepair

I think a virus has used this project to tunnel the local network data... windows has now blocked the signature from the virus and thus also this project

would this make sense?

Snowbelldog avatar Sep 25 '24 19:09 Snowbelldog

don't know if it makes sense or not.

I tried both to download from github and install via scoop in both situations windows rejected the install with the Sever virus.

Who would take the risk now?

distributev avatar Oct 29 '24 16:10 distributev

don't know if it makes sense or not.

I tried both to download from github and install via scoop in both situations windows rejected the install with the Sever virus.

Who would take the risk now?

Me

SantiiRepair avatar Oct 29 '24 17:10 SantiiRepair

Many alternatives

https://github.com/anderspitman/awesome-tunneling

For instance

https://github.com/ekzhang/bore

distributev avatar Nov 01 '24 11:11 distributev