search

justinknguyen / BeatBind

A background Python Windows application for global hotkeys on Spotify.
MIT License
51 stars 7 forks source link

Trojan:Win32/Wacatac.B!ml #21

Closed Iowerth closed 2 months ago

Iowerth commented 2 months ago

Hello. Latest version 1.8.3. Windows 10 x64 22H2 19045.4894.

Today Windows Defender moved BeatBind.exe to quarantine with this:

Trojan:Win32/Wacatac.B!ml

file: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BeatBind.lnk

file: C:\Windows\System32\Tasks\BeatBind->(UTF-16LE)

file: D:\Downloads\BeatBind\BeatBind.exe
regkey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE0F78BC-35F5-4730-A9AB-450B59302F6D}
regkey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BeatBind
startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BeatBind.lnk
taskscheduler: C:\Windows\System32\Tasks\BeatBind
Iowerth commented 2 months ago

https://www.virustotal.com/gui/file/dc23ff7638b5a4d498afd3dce819e2bde2435a0e73b0d20bf65508a774cd790d

изображение

justinknguyen commented 2 months ago

yea since this program is written in Python, and even using nuitka to recompile it to C, Windows sometimes false flags it. I'll try recompiling the app after work, which can help sometimes, but it's best to just exclude the folder from your antivirus. You can also try compiling it yourself

Iowerth commented 2 months ago

Yes I can, but others maybe not. Think it would be better to make .exe without this issue.

justinknguyen commented 2 months ago

updated the release details with more info