GYB - Trojan:Win32/Malgent!MSR


Anv

Oct 4, 2025, 10:58:08 AM
to Got Your Back: Gmail Backup
Date: 04-Oct-2025

Hello All,

Today I discovered GYB, and promptly downloaded the .msi file for Windows after reading the necessary details on GitHub.

File downloaded: gyb-1.95-windows-x86_64.msi

Now, immediately after download, Windows Defender displayed the Malware / trojan detected warning and deleted the downloaded file; further details can be seen in the attached screenshot.

Malware detected: Trojan:Win32/Malgent!MSR


I have not tried downloading the file again. However, suggestions and insights from you all would be appreciated in this regard.

Regards,
ANV
sharex_screenshot_2025-10-04_18-01-40-433.png

Jay Lee

Oct 4, 2025, 11:00:54 AM
to Got Your Back: Gmail Backup
Windows Defender is worth every penny you pay for it. Slightly better than the worthless AV software you do pay for...

This is a false positive. Report it to MS and ignore it (yes I know that's a bad answer but MS makes it extremely hard to solve this).

I do have it on my todo list to sign GYB builds like GAM builds are now signed which seems to help here (and shows what useless junk AV software has become these days).

Jay



Anv

Oct 4, 2025, 11:11:12 AM
to Got Your Back: Gmail Backup
Hello Mr. Lee,

Thanks for the update. Appreciate it.

I do realize that such false positives are quite irritating; however, what spooked me was the summary that Microsoft provides on their trojan description page: "Trojan:Win32/Malgent!MSR is a malware strain used by Diamond Sleet, a North Korean state-sponsored threat actor, in its software hijacking campaigns. ... Once the victim runs the software, DLL hijacking occurs, allowing the attacker to install a backdoor, enabling further payload execution and credential theft."

Regards,
ANV

Anv

Oct 4, 2025, 11:13:09 AM
to Got Your Back: Gmail Backup
Also, thank you for your hard work on this project; it is such useful tools that make our lives easier.

Regards,
ANV
