Kaspersky detecting Trojan.Win32.Ebowla.bn in docker.exe

Expected behavior

Installation works without triggering antivirus

Actual behavior

Kaspersky IS detects malicious code in the docker.exe binary

VirusTotal has one corroborating detection: https://www.virustotal.com/en/file/82e119c4d1c8b07719280c77acf3cab624362d6165e01781a2b193fe1f7bfa34/analysis/

I’m looking at the Ebowla go code to see if there is a reason for docker to generate a false positive, not posting an issue on github until I have done more footwork…

1 Like

I have a similar problem - avast detects the latest update as a virus (of different kind) - Malware-gen [Tri].

Cheers,
Mario

Did you ever get more info on this? We are getting the same alert, but a different file:

c:\Windows\Installer\afdee76.msi\Docker.cab

In my case Kaspersky detects PDM:Trojan.Win32.Generic in dockerd.exe

Can you please follow up with Kaspersky? https://forum.kaspersky.com/index.php?showtopic=353275

I did it, and there I saw a link to this discussion. Anyway, I’ve posted there the same comment.

Thanks for your attention.

What version of kaspersky did you install, u can install newest version of kaspersky in https://keykaspersky.com

Nice write-up and I just love reading it. The content mentioned is thoughtful and precise. I just got the thing which I was looking for after going through this blog. Impressive, really very impressive information. https://icgadsindia.weebly.com/blog