Trojan Virus in Butler-SOS

Question

Trojan Virus in Butler-SOS

Justformoment opened this issue 2 years ago · 2 comments

Justformoment commented 2 years ago

What version of Butler SOS are you using?

9.2.2

What version of Node.js are you using? Not applicable if you use the standalone version of Butler SOS.

N/A

What command did you use to start Butler SOS?

N\A

What operating system are you using?

N\A

What CPU architecture are you using?

N\A

What Qlik Sense versions are you using?

N\A

Describe the Bug

Hi Team,

During the scan for virus in virustotal.com, we have found trojan virus in it. Can you check or confirm if it's false positive?

Thank you all

Expected Behavior

No response

To Reproduce

No response

Answer 1 · 2022-10-14T09:49:32.000Z

@Justformoment thanks for reporting this.

You didn't mention which OS you use, but I have scanned the Windows and macOS binaries using both Bitdefender (macOS + Windows) and Windows Defender (Windows).

All scans came back negative.

Now, there are two options:

Your antivirus software is correct and Bitdefender + Windows Defender is incorrect. In that case there's a malware.
Bitdefender + Windows Defender is correct. No malware.

I can't guarantee that there isn't a problem, but as only 1 of 62 scanners (funny - when I ran the scan I got reply from 69 scanners) in VirusTotal reports the file as malicious I am personally not too worried.

Answer 2 · 2022-12-20T20:37:27.000Z

We've done a few more releases of both Butler SOS and other tools since this ticket was created, and that same scanner always report the Butler family as virus/malware. Everyone else says its fine.

Could be because Butler, Butler SOS and their siblings are all Node.js apps wrapped up to become Windows EXE files.
Maybe that scanner doesn't like that. Just a guess..

Closing this ticket as we can't find anything solid to work on.