Hi @TechGeekUnited, this is expected behavior. Because the tool can also be used for malicious purposes, AV vendors add it as a signature to their products.
Attempt to run it in-memory using a C2 framework like Cobalt Strike. This will however shift the problem as you then need to make sure the C2 implant is not detected.
Hi @TechGeekUnited, this is expected behavior. Because the tool can also be used for malicious purposes, AV vendors add it as a signature to their products.
More details here: https://www.virustotal.com/gui/file/ec2146655e2c04bf87b8db754dd2e92b8c48c4df47b64a9adc1252efd8618e62/
If you want to run it undetected, the following options might help:
Hope that helps!