Docker Community Forums

Share and learn in the Docker community.

Kaspersky detecting Trojan.Win32.Ebowla.bn in docker.exe


(Josselin Pujo) #1

Expected behavior

Installation works without triggering antivirus

Actual behavior

Kaspersky IS detects malicious code in the docker.exe binary

VirusTotal has one corroborating detection: https://www.virustotal.com/en/file/82e119c4d1c8b07719280c77acf3cab624362d6165e01781a2b193fe1f7bfa34/analysis/

I’m looking at the Ebowla go code to see if there is a reason for docker to generate a false positive, not posting an issue on github until I have done more footwork…


(Mario Toffia) #2

I have a similar problem - avast detects the latest update as a virus (of different kind) - Malware-gen [Tri].

Cheers,
Mario


(Keith Davis) #3

Did you ever get more info on this? We are getting the same alert, but a different file:

c:\Windows\Installer\afdee76.msi\Docker.cab


(Emilio Medina Arribas) #4

In my case Kaspersky detects PDM:Trojan.Win32.Generic in dockerd.exe


(Michael Friis) #5

Can you please follow up with Kaspersky? https://forum.kaspersky.com/index.php?showtopic=353275


(Emilio Medina Arribas) #6

I did it, and there I saw a link to this discussion. Anyway, I’ve posted there the same comment.

Thanks for your attention.


(Andrewstop) #7

What version of kaspersky did you install, u can install newest version of kaspersky in https://keykaspersky.com


(ICG Ads India) #9

Nice write-up and I just love reading it. The content mentioned is thoughtful and precise. I just got the thing which I was looking for after going through this blog. Impressive, really very impressive information. https://icgadsindia.weebly.com/blog