Closed jbalcorn closed 3 years ago
Hi @jbalcorn - It is not possible to reproduce what you report; Windows Defender reports no findings.
New-PASSession
:New-PASSession
from psPAS 4.4.71
:
Confirmation of file hash of file analysed by VirusTotal against the hash of New-PASSession
from psPAS 4.4.71
.
Get-FileHash "C:\Temp\psPAS-v4.4.71\4.4.71\Functions\Authentication\New-PASSession.ps1" | fl
Algorithm : SHA256
Hash : 6D89E2A8A4F9879FD71D2A6E5647FD61722736B77657846F4EEC6B52FD648B10
Path : C:\Temp\psPAS-v4.4.71\4.4.71\Functions\Authentication\New-PASSession.ps1
We got a Signature update and it was no longer being quarantined. -- Justin B. Alcorn The views expressed are not necessarily my own, much less anyone else's PGP Fingerprint CCEB F776 C3FD 1050 C8DB 532E B8B9 BED7 7764 406C
On Sat, Oct 3, 2020 at 11:01 AM Pete Maan notifications@github.com wrote:
Hi @jbalcorn https://github.com/jbalcorn - It is not possible to reproduce what you report; Windows Defender reports no findings.
- The psPAS code is fully transparent:
Complete update history for New-PASSession:
https://github.com/pspete/psPAS/blame/master/psPAS/Functions/Authentication/New-PASSession.ps1
https://github.com/pspete/psPAS/commits/master/psPAS/Functions/Authentication/New-PASSession.ps1
Virus Total analysis of New-PASSession from psPAS 4.4.71:
Confirmation of file hash of file analysed by VirusTotal against the hash of New-PASSession from psPAS 4.4.71.
Get-FileHash "C:\Temp\psPAS-v4.4.71\4.4.71\Functions\Authentication\New-PASSession.ps1" | fl
Algorithm : SHA256 Hash : 6D89E2A8A4F9879FD71D2A6E5647FD61722736B77657846F4EEC6B52FD648B10 Path : C:\Temp\psPAS-v4.4.71\4.4.71\Functions\Authentication\New-PASSession.ps1
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/pspete/psPAS/issues/315#issuecomment-703116949, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABXEEZHCL4HQAZBFJUPGQGDSI44EHANCNFSM4SCI4RDA .
Good to know 👍
Describe the issue Defender identifying New-PASSession as Trojan:Powershell/Mountsi.A!ml as of 10/2/2020
To Reproduce Attempt to run on Windows 10 with updated Windows Defender Anti-Virus
Expected behavior Not eb identified as a virus
Screenshots & Console Output
Your Environment Windows 10 1809