securesocketfunneling / ssf

Secure Socket Funneling - Network tool and toolkit - TCP and UDP port forwarding, SOCKS proxy, remote shell, standalone and cross platform
https://securesocketfunneling.github.io/ssf/

ssf-win-x86_64-3.0.0.zip is a trojan #94

Open jtmoon79 opened 3 years ago

jtmoon79 commented 3 years ago

The download ssf-win-x86_64-3.0.0.zip appears to be a trojan.

https://www.virustotal.com/gui/file/329748f6ea665d1c398cc09f19cee5784d5356eaf8a49988c069d4bffbca9f26/detection

colemar commented 3 days ago

False positive or not, a detection ratio of 46/67 on VirusTotal is a problem. It cannot be downloaded in Chrome nor in Firefox unless you force it. Even then, it does not stay long because it will be nuked by practically any decent antivirus.

If you manage to unzip it, the main offender seems to be upx-ssf.exe (VT detection ratio: 34/71).

UPX compression is popular among malware: https://www.esecurityplanet.com/threats/upx-compression-detection-evasion/

All of the executables get high VT detection ratios.
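A first triage check for the UPX observation in the comment above, as an added example that is not part of the issue thread or the ssf project: it reads a PE file's section table and looks for UPX's default section names. The function names and the header-only sample images are constructed for illustration; renamed sections defeat this heuristic, so a negative result does not prove a file is unpacked.

```python
import struct

def pe_sections(data: bytes):
    """Return [(name, virtual_size, raw_size)] from a PE image's section table."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)  # offset of the PE signature
    if len(data) < e_lfanew + 24 or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    (num_sections,) = struct.unpack_from("<H", data, e_lfanew + 6)
    (opt_size,) = struct.unpack_from("<H", data, e_lfanew + 20)
    table = e_lfanew + 24 + opt_size  # section headers follow the optional header
    sections = []
    for i in range(num_sections):
        off = table + 40 * i  # each section header is 40 bytes
        if off + 40 > len(data):
            raise ValueError("truncated section table")
        name, vsize, _vaddr, raw_size = struct.unpack_from("<8sIII", data, off)
        sections.append((name.rstrip(b"\0").decode("ascii", "replace"), vsize, raw_size))
    return sections

def looks_upx_packed(data: bytes) -> bool:
    """Heuristic: UPX's default names, with UPX0 empty on disk (filled at run time)."""
    by_name = {name: raw for name, _vsize, raw in pe_sections(data)}
    return by_name.get("UPX0") == 0 and "UPX1" in by_name

def build_sample(sections):
    """Build a header-only PE image from (name, vsize, raw_size) tuples (constructed data)."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x8664, len(sections), 0, 0, 0, 0, 0x22)
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", name, vsize, 0x1000 * (i + 1), raw,
                    0x200, 0, 0, 0, 0, 0xE0000020)
        for i, (name, vsize, raw) in enumerate(sections))
    return dos + b"PE\0\0" + coff + table

# Constructed samples: one with UPX's default layout, one with an ordinary layout.
PACKED = build_sample([(b"UPX0", 0x20000, 0), (b"UPX1", 0x9000, 0x8E00),
                       (b".rsrc", 0x1000, 0x400)])
PLAIN = build_sample([(b".text", 0x5000, 0x4E00), (b".data", 0x1000, 0x200)])

if __name__ == "__main__":
    for label, image in (("packed sample", PACKED), ("plain sample", PLAIN)):
        print(label, pe_sections(image), "UPX-like:", looks_upx_packed(image))
```

To check a real download, pass the file's bytes (for example `open(path, "rb").read()`) to `looks_upx_packed` without executing the file.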