cutting_edgetech (ESET Insiders), posted May 17, 2018 (edited May 17, 2018 by cutting_edgetech)

I installed the Kali Linux 2018.2 VM 64bit in VirtualBox, which I downloaded from Offensive Security, and about an hour after Kali was running idle in the VM, Eset began to detect multiple threats on the host machine (Windows 10 x64 Pro). I shut down Kali Linux for now. It had detected 8 threats before I shut down Kali Linux. I submitted the threats for analysis with my email, but I would like to know what the threats are classified as. I would like to know what Eset's findings are once they have analyzed the threat. I'm using Kali Linux for my course of study in InfoSec. I obtained Kali Linux here from Offensive Security. It's the Kali Linux VM 64bit [OVA]: https://www.offensive-security.com/kali-linux-vm-vmware-virtualbox-hyperv-image-download/

Sincerely,
Cutting_edgetech
itman, posted May 17, 2018

If Veil-Evasion code is installed, that is what Eset is detecting: https://www.veil-framework.com/framework/veil-evasion/
cutting_edgetech (ESET Insiders, thread author), posted May 18, 2018

It says something about mimikatz. I just started reading about it at the links below.

https://github.com/gentilkiwi/mimikatz
https://www.offensive-security.com/metasploit-unleashed/mimikatz/
https://resources.infosecinstitute.com/mimikatz-walkthrough/
cutting_edgetech (ESET Insiders, thread author), posted May 18, 2018 (edited May 18, 2018 by cutting_edgetech)

I didn't realize it was a URL until later. I initially thought it was being detected from the disk directory. It's been a long day.
itman, posted May 18, 2018 (edited May 18, 2018 by itman)

12 hours ago, cutting_edgetech said: "It says something about mimikatz. I just started reading about it at the links below."

It appears that the Kali Linux download from Offensive Security also includes links to pen testing tools such as Metasploit, which includes Mimikatz. Since these tools can be and are used maliciously, this is what Eset is detecting.
cutting_edgetech (ESET Insiders, thread author), posted May 26, 2018 (edited May 26, 2018 by cutting_edgetech)

Thanks, I figured that was the reason for the detection. It's definitely not a false positive.