Malware Analysis Little Evasive Malware Test I did.

Status
Not open for further replies.

Xeno1234

Thread author
Jun 12, 2023
I found a decently evasive sample on a website and wanted to test it. At the current moment, I am pretty sure it's malicious, as the VT Code Insight says that it is malware, and Defender added a signature for it.
This sample starts a .cmd script that does some malicious stuff, pretty much the best way I can describe it.

Results:
Kaspersky: Blocked before CMD even started (UDS because I put it into Opentip, but also blocked by PDM even before the cmd started! I disabled components that blocked it via UDS)
Avast: Detected as the CMD started.
Bitdefender: Miss
MS Defender: Miss (Detects it now via Signatures)
ESET: Miss (Didn't test with LiveGuard to simulate a test where you don't have the highest tier subscription)

Sample:
Do what you wish with it, if needed.
 