Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Trojan detected in FunctionReachabilityPlugin.class
See original GitHub issueDescription of the issue Please review the build process or investigate a false positive.
After downloading (with a Mac) and checking the SHA-256 sum, some anti-malware / antivirus tools detect Windows trojans in the class files. After unpacking the sources included, and once reviewed the detected class file corresponding source code, the source code seems to be ok.
To Reproduce
- Download the file
ghidra_9.0_PUBLIC_20190228.zip. - Check the SHA-256 sum (OK)
- Scan with free, up to date, anti-malware tool BitDefender (I’m using a Mac)
- A trojan “Java.Trojan.GenericGB.26094” is found in
FunctionReachabilityPlugin.class
Expected behavior No (false nor true) trojan detections should be happening if the provided source code for that class was actually what was compiled.
Screenshots
Environment (please complete the following information):
- OS: mac OS 10.14.3 (18D109)
- Version: 9.0_PUBLIC_20190228
Issue Analytics
- State:
- Created 5 years ago
- Comments:8
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
I bet its an false positive… Surely something from NSA is trustable…
/irony
I’ve been decompiling the class with different products over the weekend only to see the recognisable source code (@quosego I wasn’t able to properly build) and, besides, today the Bitdefender stopped reporting the file after an update (I was just checking the file again before reporting the false positive to Bitdefender).
I’m closing the issue @ryanmkurtz