speedtest-backend.exe classified as threat

Question

speedtest-backend.exe classified as threat

cascaabreu opened this issue 2 years ago · 3 comments

Description

On the lastest release 1.1.5, Windows Defender while fully updated classifies it as a threat.
Somehting to do with the patches on "fix Windows build"? (9cbc95a)

Server

Windows 10
Caddy webserver

Client

NA

Steps to reproduce

Download latest release
Bad stuff may happen

Expected behaviour

No threat?

Screenshots

Answer 1 · 2022-07-23T12:19:54.000Z

I think this is due to the fact that the binary is UPX compressed. You can try decompress it using upx -d to see if Windows is still complaining.

Answer 2 · 2022-08-11T22:43:55.000Z

Took some time...

Got the latest release from https://github.com/upx/upx and ran upx -d speedtest-backend.exe inside Windows Sandbox to get away from Windows Defender.
Copied the resulting file to the server without warnings or getting it quarantined!

Great! What about future releases? Should I integrate this step (upx -d) into my updater script?

Answer 3 · 2022-08-11T22:48:02.000Z

Although now I'm unable to start the service with a ton of runtime errors.