Windows Defender flags legacy-notepad-x86.exe as Trojan:Win32/Wacatac.H!ml

Hi,

I’d like to report an issue detected by Windows Defender on Windows 11.

A few days after downloading legacy-notepad-x86.exe, Windows Defender flagged the file as Trojan:Win32/Wacatac.H!ml. The detection occurred immediately after downloading the file, without ever executing it.

This issue does not occur with legacy-notepad-x64.exe, which is not flagged by Windows Defender.

I verified the integrity of the file and confirmed that the SHA-256 hash matches the hash published in the release.

Maybe it could be a false positive, but I wanted to report it for visibility.

I’ve attached screenshots from Windows Defender and VirusTotal for reference.

Thanks for your work, and please let me know if you need any additional information.

<img width="auto" height="400" alt="Image" src="https://github.com/user-attachments/assets/3f555ffe-390d-4aab-b424-3c5b2bd25c4a" />

<img width="auto" height="400" alt="Image" src="https://github.com/user-attachments/assets/377f081f-0703-41a2-b6a1-3c4bf7bc92a4" />

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Windows Defender flags legacy-notepad-x86.exe as Trojan:Win32/Wacatac.H!ml #26

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Windows Defender flags legacy-notepad-x86.exe as Trojan:Win32/Wacatac.H!ml #26

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions