MediCat Installer - Made by MON5TERMATT 2022-10-28

So I downloaded the MediCat torrent 3 times using 3 different Torrent clients. In each case, the installer .exe showed as being included in the list of files, but was nowhere to be found in any of the directories. Looking at the individual files, it should have been located in the root directory of the download. All the other executables were there so it wasn't a target of any malware/virus app. It was a phenomenon I have never seen happen. I thought perhaps it was my torrent client, which is why I switched 3 times - but they all did the same. Finally, I came across the link for Matt's script and decided to give it a whirl. It took quite a while to download all the pieces (Like 2+ hours and I have a i7 and 400Mbps Down) - but I am a patient person and just let it do its thing... In the end I have a working installation now and I thank everyone who has put a lot of effort into this project. One question I do have though is - why isn't this distributed as an .iso? Seems like it would simplify things? But hey! Thanks guys for the hard work nevertheless.

on screen instructions are bad. leads you to believe it can download the files on its own but it can't.

Kudos to the developers! A nice "little" script, that must have been quite a lot of work to code this, thanks for providing it! I'm glad to have found such a great script here! This is already, a completely different league than "Sergei Strelec" or the "Hirens Boot CD" series! This one is "the Next Level!"

P.S
The "False-Positive" finding, probably comes (at the EXE file, which was distributed here before) because, it is (as I think) an "EXE" file, which was created from a "Bat" file with a "Bat to EXE" converter. (Please tell me if I am wrong). If, here it was packed with "UPX" (similar to 7-ZIP), it makes the false positive problem even worse. Because malware is often packed with UPX, because the packer supports encryption and encrypted archives or packed files escape the eye of a virus scanner. So most scanners (also Virustotal counts to it) recognize simply, everything, which was packed with UPX as malicious files. This is one reason why virus scanners are no longer the first choice, as in the 90s ...

I could very well be doing something wrong, but I ran the executable and here's what I get:

The term 'Invoke-WebRequest' is not recognized as the name of a cmdlet, function, script file, or o
perable program. Check the spelling of the name, or if a path was included, verify that the path is
correct and try again.
At line:1 char:18
+ Invoke-WebRequest <<<< -Uri 'DEFAULT' -
OutFile './MEDICAT_NEW.EXE'
+ CategoryInfo : ObjectNotFound: (Invoke-WebRequest:String) [], CommandNotFoundExcept
ion
+ FullyQualifiedErrorId : CommandNotFoundException

The term 'Invoke-WebRequest' is not recognized as the name of a cmdlet, function, script file, or o
perable program. Check the spelling of the name, or if a path was included, verify that the path is
correct and try again.
At line:1 char:18
+ Invoke-WebRequest <<<< -Uri 'DEFAULT' -OutFile './u
pdate.bat'
+ CategoryInfo : ObjectNotFound: (Invoke-WebRequest:String) [], CommandNotFoundExcept
ion
+ FullyQualifiedErrorId : CommandNotFoundException

Alright, it does give you a virus warning with Windows Defender but after looking around for a bit it turns out it is a false positive. PowerShell commands are known as cmdlets which you can use to execute and even automate system-level tasks (which is the case here since it is automating the download & install process).

https://youtu.be/Zid1dff25bg

Also the code is public.

This tool beats the hell out other tools i don't find the reason for it being a false positive by some people I find rather common sense and knowledge is missing here :).

This is being detected as Malware by various different scan engines on VirusTotal. I also doubt it's a simple false positive, a simple script with built in Torrent downloader should not be detected as such.