[EDU Bot] For TCL College | Office 365, Onedrive etc

@NTH @Keke_Bija @Samoo7

Pm me

that’s really very helpful

Looks like I’m waiting for the last one :slight_smile:

1 Like

Sadly, my registered accounts could not log in to Office yet.

@Illicita how can I get Python instead of exe?

I just got this message. Did you eventually get the “edu” link?

Hey, did you receive the edu mail?

Received 2nd email, but how to log in to the account?

I guarantee soon this guy will make a botnet, as I can see many people executing this malicious script.
Nothing to do with compiler, this guy is completely lying about this. He hadn’t provided Python Script but .exe File.
Let me prove my point

  1. Why There Are A Lot Of Processes Running In Background As Shown By Virus Total

  2. Why There Is Need To Create A Temporary Exe File

  3. Why On Execution My Windows Defender Behave Like This

If You want I can even easily provide to whom actually our data is being sent during execution

this guy @Illicita is making a botnet, Secure yourself who executed the file…

2 Likes

Lots of assumptions here.

Okay, firstly who is this data being sent to then, you said it’s easily provable?

  1. Idk which virus total image that is with all those processes. I can’t seem to find it by looking at the VT Scan. Again with the second image.

  2. Windows Defender picks it up because it is compiled to an exe using PyInstaller. This false positive has been affecting many users that use PyInstaller.

Links:

  1. https://github.com/pyinstaller/pyinstaller/issues/4724
  2. https://github.com/pyinstaller/pyinstaller/issues/4852
  3. https://github.com/jendrikseipp/rednotebook/issues/472
  4. https://stackoverflow.com/questions/43777106/program-made-with-pyinstaller-now-seen-as-a-trojan-horse-by-avg

The list goes on.

1 Like

Then What is the issue in sharing the python script rather than executables :smirk: :smirk:

Check This Out Bro!!!
My Reply isn’t biased!!!
Why not to share script rather than executables!!!

https://www.virustotal.com/gui/file/7caeb21a62aad2962aecb52ef903010981172eca573f3b6a5a92fe0cb0a06263/detection I also cross-checked this guy. Don’t be a fool, please check it with VirusTotal before using any script.

I got the same issue

1 Like

Simple, because I don’t want someone to take my script, edit a few lines around, then post it on another forum or site and claim it’s theirs. If an admin really is suspicious of the file, I’ll happily give them the source to check.

Regarding the Virus Total Scan, this file I believe is a different variant of the one in the latest zip, which used Themida Protect after compilation. Hence why it has more running processes. I may be wrong. I have created so many versions during testing. However, the latest one does not use Themida. Regardless they still show up as detected.

Now, you have every reason to be suspicious of the file. I was, after compiling and I checked it and it came up as detected by a few. You can run this program in a VM, sandbox, VPS if you do not believe it is a false positive.

The initial .exe creates a temp file, because the code is obfuscated. It needs to be de-obfuscated before it can run, hence why it creates another process. This is no secret, anyone that tried to reverse this exe file will find out that it is protected.

There are many reasons why it can be flagged. Once again, I advise anyone who doesn’t believe me to run it on a VM.

Also ‘If You want I can even easily provide to whom actually our data is being sent during execution’ you didn’t answer me

2 Likes

Yeah! It brings in both +ive and -ive thoughts. People can use it on a Virtual OS install and I think everyone should follow the same practice. Rest, the script was beneficial as it gave opportunity to get things done fast. Although, I could not get the account with this method and I know these accounts don’t survive long. Still it is appreciated. Good Stuff and Keep it up.

1 Like

If it is supposed to do nasty things as an exe file, it can do the same as a script, so I don’t see the point here.

If you don’t trust the exe then run it in a VM and that’s all.


Applied yesterday, got this email today, waiting for the next email, cheers

MS Azure and GitHub don’t accept it.

1 Like

And what about Google, did it work on GDrive?