This script contains malicious content and has been blocked by your antivirus software.

dafthack / MFASweep

A tool for checking if MFA is enabled on multiple Microsoft Services

MIT License

1.38k stars 188 forks source link

This script contains malicious content and has been blocked by your antivirus software. #14

Open simpleetech opened 1 year ago

simpleetech commented 1 year ago

Hey!

Loving the script, but I have started getting the error below when trying to run it. I suspect Windows Defender doesn't like the base64 encoded EWS DLL binary that is inline.

Has anyone else seen this?

Suggestions for verifying the script is still safe?

simpleetech commented 1 year ago

This is what Defender recognised it as.

Trojan:PowerShell/Mailsniper.B

JBines commented 6 months ago

@dafthack I'm seeing this as well can you explain more why this would be expected?