-
Notifications
You must be signed in to change notification settings - Fork 17.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
windows 10 go executables as Troj.Win32.TRX.XXPE50FFF042 #45191
Comments
Please report to Trend Micro |
I had already sent the exe files to the Anti-Virus supplier and they were adamant: the files were malicious. This only happens when "golang.org/x/crypto/ssh/terminal" is imported. |
The |
Last night I looked at this again and found out that: My IT sent me this link that may explain why golang exe are seen as malicious, out of an abundance of caution, by the anti-virus suppliers: |
What version of Go are you using (
go version
)?Does this issue reproduce with the latest release?
yes
What operating system and processor architecture are you using (
go env
)?go env
OutputWhat did you do?
tcpclientcc.go
https://play.golang.org/p/6cA6uBWIny1
What did you expect to see?
I expected to see a normal exe file not being identified by anti-virus as a malicious file.
I believe that the executable being considered malicious depends on the link options. Sometimes using upx fixes the problem, other times it creates it:
go build -ldflags="-s -w" %1.go
upx --brute %1.exe
What did you see instead?
I see a pop-up from the Anti-Virus reporting the file as malicious and deleting the exe file.
The text was updated successfully, but these errors were encountered: