Avast antivirus found Threat "MPPT97:ShellCode-O [Expl]" in the Apache Drill sources.
OS Windows 10.
Free Avast antivirus v. 19.8.2393 (build 19.8.4793.544)
Steps to reproduce:
Download archive with Drill sources from GitHub
- open Chrome browser;
- go to https://github.com/apache/drill link;
- open the "Clone or download" menu;
- click the "Download ZIP" button and save archive on a disk.
Expected result - archive successfully downloaded.
Actual result - Chrome browser canceled the download and deleted Drill sources archive fron the disk. Avast showed an alert window with virus description. Screenshot is in the attachments.
Clone Drill sources from GitHub using git console version
- open CMD;
- type "git clone https://github.com/apache/drill.git";
- scan clonned Drill sources folder using Avast antivirus.
Expected result - Viruses were absent.
Actual result - Avast showed an alert window with virus description.
Here is the link with report from other antiviruses for this "attack-trace.pcap" file: