The url was malformed so that the download target could not be found and the web server returned a 404 page. That return was interpreted by Defender as malicious. The returned 404 did not contain any malware just plain html. When I try to do the same within edge browser no defender warning was created. So at the moment I have no clue what was going on. I am investigating further.
With the correct url everything works as expected.
“Trojans” are malware that spread by masquerading as something else. Google suggests that “Wacatac” spreads via mislabeled e-mail attachments.
Well it’s a signature that the virus scanner may look for so it looks more like it’s compromized and not that it could be something else. These kind of trojans could worm them selves into any software, code, memory, file etc. It’s better to do a full virus scan (or MRT) and then just remove (quarantine) the things with issues.
If you have “cracked” software, 99% of the cases the (windows) system could be infected.
Yes, I understand that. But, I usually download everything using my MBP M1, including Windows software (Windows 10 &nd 11 included), then I move the downloads to Windows (when needed).
And, nowadays, it is worth knowing everything download correctly in all possible cases (including this strange one).
virustotal checked both url (exe and zip) of my file without any alarm. When my client downloads the uncompressed exe (setup file created via innosetup) there is no problem. This is weird. So it seams that distributing the uncompressed setup file is the best option.
Have you tried modifying the word size, compression method or compression level? these options may change the resulting file and therefore may resolve the issue. I use 7-Zip which offers these options.