[Bug]: Windows Defender detects Trojan:Script/Wacatac.B!ml

[lococafe]

What happened?

In https://github.com/thewh1teagle/vibe/releases/download/v1.0.6/vibe_1.0.6_x64-setup.exe, downloaded from https://thewh1teagle.github.io/vibe/, Windows Defender detects Trojan:Script/Wacatac.B!ml. I'm not sure if this is a false positive, but maybe should be added to ReadMe.

Steps to reproduce

Downloaded file, executed file.

What OS are you seeing the problem on?

Window

Relevant log output

No response

[thewh1teagle]

Thanks for reporting!

I'm not sure why Windows flags it as a Trojan; it hasn't happened to me on Windows 11. Were you able to eventually use it, or did the defender block it completely?

Also, regarding what to add to the readme, I believe that in the future, we'll simply need to sign it with an authorized certificate. However, I don't have one, so it's a good time to ask supporters to help with that or donate towards it.

[asahi38]

Hello, same with WithSecure (aka F-Secure) on W10. It detects the exe file as a Trojan, TR/ATRAPS.Gen2. https://www.f-secure.com/v-descs/trojan-w32-generic.shtml

[thewh1teagle]

@asahi38 Thanks! I'll try to submit samples for Microsoft / F-Secure. Hope they will whitelist Vibe.

[thewh1teagle]

Update: reported to Microsoft and seems like they whitelisted it.