-
Notifications
You must be signed in to change notification settings - Fork 114
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
detected by windows defender #9
Comments
Lol, I guess you know you've made it if there's a signature out there for you. Anyways, try mutating the variable names a bit. I'll look into when I get the chance, but it is probably flagging on one of the variable names. |
It looks like it is based off a few detections, as you can see from someone posting a sample to False positive for the W97M/M097 detection I believe, but it is definitely macro malware, so there's that. I would say it is definitely triggering on a |
People stay uploading Shit on virustotal wtf. Looking forward to a possible future release, thanks for sharing the info & replying back. |
There are people who are paid to upload malware to VT. |
win 10 defender detected the code in the excel macro enabled work book.
Used veil-evasion>reverse_https generated .bat
used macroshop>python macro_safe.py /home/test.bat test.txt
on windows machine I opened excel, went into devloper>visual basic> workbook and pasted output code from macro_safe.py into workbook and it was detected when I try to save it. saved as extension macro-enabled workbook.
is there any other work around for this?
The text was updated successfully, but these errors were encountered: