fox-it/log4j-finder

Trojan-Downloader.Win32.Bitser infection found in log4j-finder.exe

JIPI69 opened this issue · 5 comments

Kaspersky Anti-Virus found this on .exe file

Type: Cheval de Troie
Nom: Trojan-Downloader.Win32.Bitser.cue
Exactitude: Exactement
Niveau de menace: Élevé
Type d'objet: Fichier
Nom de l'objet: log4j-finder.exe
Chemin de l'objet: ***********
MD5: 0E08555A17CA3E08D02DBD4CFB87C1AA
Raison: Consigné dans le rapport

Kind regards.
Jipi69

Thanks for sharing, it looks like antivirus products don't like PyInstaller executables (as to be expected I guess).

I have no better solution for now, other than what #10 suggested to add the instructions to the README.md on how to generate the executable yourself.

Try building it yourself, that fixed it for me:

Copy log4j-finder.py and log4j-finder.spec from the repo
Install Python 3.10
=> pip install pyinstaller
=> pyinstaller log4j-finder.spec

Exe is in your dist folder.

All our virus scanners were blocking the binary listed on the front page for some reason, the one I generated myself was considered "suspicious", but at least not removed straight away.

Also good to know: For some reason it has big trouble when being run from a OneDrive folder and network drive on our machines (suspect it's because of PyInstaller, but could again be our virus scanner). It will only scan a few files and report it's done. Just copy it to C: and you're good.

While I cannot prevent antivirus from flagging PyInstaller files, I have added the build instructions to the README.md

Thanks for posting your instructions @jkommeren, I have added some of this in the README.md.

Np @yunzheng. Greetings from across the road! Primevision is grateful for your work