belowaverage-org/SuperGrate

This looks awesome, but VirusTotal flags it as Malicious

Closed this issue · 2 comments

Describe the bug
VirusTotal flags the exe as Malicious.

To Reproduce
Steps to reproduce the behavior:

  1. Go to VirusTotal.com and upload the .exe file
  2. See the results

Expected behavior
No Malicious flags

Additional context
I want to use this tool because USMT is very complicated via the command line, but I (and many other security-minded professionals) can't use this in good conscience.

Unfortunately, there isn't a whole lot I can do besides acquiring a very expensive "code signing certificate." I encourage anyone to submit these builds to their AV vendors as a false positive to help alleviate this and help build a good reputation for the software.

In regard to your security team / co-workers: you can always review the source code and build the binary on your machine. I have a guide on how to do this on the documentation page for this project.

An even easier way to build this would be to fork this repository. Once done, enable GitHub Actions, modify a file in your newly forked repository (something like the readme.md), and GitHub should automatically start a build and drop the binary in an "artifact."

I am more than happy to answer any questions on suspicious-looking source code or any other general source code questions.