Jump to content

RSA2048Sha256 GenKey and Sign for EDK2 tools False Positive Trojan.SpyEyes


Recommended Posts



MBAM3.0 on Windows 10 has flagged RSA2048Sha256GenerateKey.exe and RSA2048Sha256Sign.exe as Trojan.SpyEye.R.


Both files are included for the prebuilt tools for the EFI Development Kit II at the Tianocore GitHub



Files on my pc match the sha256 from the virustotal scans I just did and can be  found  here 








Curious that it should be fine as it's old and also marked as OK for the Malwarebytes response and should have been picked up by MBAM3 as false




Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.