doctl v1.87.0 for windows is detected as a malware by windows security

Question

Today I attempted to update the doctl in my pc from 1.85.0 to 1.87.0 via scoop. The update process was broken on the package extraction step because the content of the package was detected as Trojan:Script/Wacatac.B!ml ❯ scoop install doctl Installing 'doctl' (1.87.0) [64bit] from main bucket Starting download with aria2 ... Download: Download Results: Download: gid |stat|avg speed |path/URI Download: ======+====+===========+======================================================= Download: 5f8f02|OK | 2.8MiB/s|C:/Users/magelan/scoop/cache/doctl#1.87.0#https_github.com_digitalocean_doctl_releases_download_v1.87.0_doctl-1.87.0-windows-amd64.zip Download: Status Legend: Download: (OK):download completed. Get-Content: C:\Users\magelan\scoop\apps\scoop\current\lib\core.ps1:1173 Line | 1173 | return Get-Content $file -AsByteStream -TotalCount 8 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | Operation did not complete successfully because the file contains a virus or potentially unwanted software. : | 'C:\Users\magelan\scoop\cache\doctl#1.87.0#https_github.com_digitalocean_doctl_releases_download_v1.87.0_doctl-1.87.0-windows-amd64.zip' Checking hash of doctl-1.87.0-windows-amd64.zip ... Get-FileHash: C:\Users\magelan\scoop\apps\scoop\current\lib\install.ps1:674 Line | 674 | $actual = (Get-FileHash -Path $file -Algorithm $algorithm).Hash.T … | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | Operation did not complete successfully because the file contains a virus or potentially unwanted software. : | 'C:\Users\magelan\scoop\cache\doctl#1.87.0#https_github.com_digitalocean_doctl_releases_download_v1.87.0_doctl-1.87.0-windows-amd64.zip' InvalidOperation: C:\Users\magelan\scoop\apps\scoop\current\lib\install.ps1:674 Line | 674 | $actual = (Get-FileHash -Path $file -Algorithm $algorithm).Hash.T … | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | You cannot call a method on a null-valued expression. Get-Content: C:\Users\magelan\scoop\apps\scoop\current\lib\core.ps1:1173 Line | 1173 | return Get-Content $file -AsByteStream -TotalCount 8 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | Operation did not complete successfully because the file contains a virus or potentially unwanted software. : | 'C:\Users\magelan\scoop\cache\doctl#1.87.0#https_github.com_digitalocean_doctl_releases_download_v1.87.0_doctl-1.87.0-windows-amd64.zip' ERROR Hash check failed! App: main/doctl URL: https://github.com/digitalocean/doctl/releases/download/v1.87.0/doctl-1.87.0-windows-amd64.zip First bytes: Expected: 01506e9987faf47ab52ff028005955818a58c1c696d7b2387f5ef76129ed4fec Actual: Please try again or create a new issue by using the following link and paste your console output: https://github.com/ScoopInstaller/Main/issues/new?title=doctl%401.87.0%3a+hash+check+failed

Andrew SB · Answer

The scoop installer is a third-party tool for installing software. Official doctl downloads are available on GitHub: https://github.com/digitalocean/doctl/releases We provide checksums that can be used to validate the downloads. Looking at the error message, 01506e9987faf47ab52ff028005955818a58c1c696d7b2387f5ef76129ed4fec is the correct checksum for the official doctl-1.87.0-windows-amd64.zip release. Have you opened an issue with the Scoop team? Please try again or create a new issue by using the following link and paste your console output: https://github.com/ScoopInstaller/Main/issues/new?title=doctl%401.87.0%3a+hash+check+failed

Report this

doctl v1.87.0 for windows is detected as a malware by windows security

Become a contributor for community

DigitalOcean Documentation

Resources for startups and SMBs

Get our newsletter

The developer cloud

Get started for free