Author Topic: avast keep not detecting a malware  (Read 3596 times)

0 Members and 1 Guest are viewing this topic.

Offline Tonanet

  • Sr. Member
  • ****
  • Posts: 353
  • I'm a llama!
avast keep not detecting a malware
« on: October 08, 2013, 08:23:13 PM »
Hello guys,

I have submitted a file multiple times to avast but it has not been added to virus definition since last week.  Many avs are now detecting it but avast. 

Whats happening?

Here the latest virus total link:

https://www.virustotal.com/pt/file/f5197dc9b015869791c6f0508ffb7269fcf6941f7f4f3f6753c0e31975981212/analysis/1381255772/

Thanks for your time.
« Last Edit: October 08, 2013, 08:38:07 PM by Tonanet »

Offline Secondmineboy

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3645
Re: avast keep not detecting a malware
« Reply #1 on: October 08, 2013, 08:25:39 PM »
Maybe it is detected by FileRep or the Sandbox/Deepscreen you ca only test this in a Virtual machine.
Windows 10 1909, 4 GB DDR3 RAM, 500 GB 5400 RPM HDD, 1366 by 768 LCD Screen, Intel Core i3 5010U Dual Core, Intel HD Graphics 5500
HUAWEI P30 Pro. Android 10

Offline Tonanet

  • Sr. Member
  • ****
  • Posts: 353
  • I'm a llama!
Re: avast keep not detecting a malware
« Reply #2 on: October 08, 2013, 08:45:26 PM »
Hello Steven,

Thanks for your reply.

Thats a good Idea, I believe I will create a virtual machine to test this special detections. I thought that every special detection would become a signature detection, but maybe this is not true. Maybe what is already being detected by other ways like file rep would not have a signature in database.

Anyway, tonight I will create a virtual machine and test it. I will post the results here. Hope it detects :)

Thanks!

Offline Secondmineboy

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3645
Re: avast keep not detecting a malware
« Reply #3 on: October 08, 2013, 08:53:41 PM »
FileRep, DeepScreen (Avast 2014) Sandbox, and Evo-Gen are working on execution.
Windows 10 1909, 4 GB DDR3 RAM, 500 GB 5400 RPM HDD, 1366 by 768 LCD Screen, Intel Core i3 5010U Dual Core, Intel HD Graphics 5500
HUAWEI P30 Pro. Android 10

Offline Tonanet

  • Sr. Member
  • ****
  • Posts: 353
  • I'm a llama!
Re: avast keep not detecting a malware
« Reply #4 on: October 13, 2013, 01:41:49 PM »
Hello,

I have created a vmware machine, installed avast and then run both cpl files that I received by email.
Avast missed both. One of them downloaded an exe that installed itself to registry wich avast also missed.

Avast missed both of them and the droped exe badly :-(

Thanks for your time!

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: avast keep not detecting a malware
« Reply #5 on: October 13, 2013, 01:43:47 PM »

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33885
  • malware fighter
Re: avast keep not detecting a malware
« Reply #6 on: October 13, 2013, 02:31:09 PM »
As avast has a large foothold in the Brazilian av market,
so understandably Brazillian malcreants especially try to circumvent and harden against avast! detection as
one can conclude from this report: https://www.virustotal.com/nl/ip-address/200.98.196.11/information/
Also see: https://www.virustotal.com/nl/domain/renausi.com.br/information/
Re: http://www.threatexpert.com/report.aspx?md5=56c62ba75e8a8364739f1b875e37a649
and here at the beginning phase of the av detection cycle: https://malwr.com/analysis/ZjgzMzE1NGNjNzgwNDRhZGFkODQzZjBiYTE5NmU2OTQ/
(shellcode malware)
In Brazil some malcreants call avast! the "Brazilian av sieve", this should not be so,
therefore what Eddy suggests is the most sensible thing to do - report to virus AT avast dot com.

polonus
« Last Edit: October 13, 2013, 02:37:47 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Tonanet

  • Sr. Member
  • ****
  • Posts: 353
  • I'm a llama!
Re: avast keep not detecting a malware
« Reply #7 on: October 13, 2013, 04:16:07 PM »
Hello guys!

I already submitted this file 3 or 4 times in the last 7 days to avast (using the link provided).
Unfortunatly avast takes months to detect cpl files when I submit to them.

Its very frustating.

Thanks for your time!

Offline Tonanet

  • Sr. Member
  • ****
  • Posts: 353
  • I'm a llama!
Re: avast keep not detecting a malware
« Reply #8 on: October 15, 2013, 03:26:12 AM »
One .Cpl file is now being detected as win32:malware-gen  :)

Now lets wait for the other  :)

Offline Tonanet

  • Sr. Member
  • ****
  • Posts: 353
  • I'm a llama!
Re: avast keep not detecting a malware
« Reply #9 on: October 17, 2013, 01:51:21 PM »
Hello,

just one more update.  The first cpl file still not being detected.  However its both payloads,  2 exe files that it downloads,  are detected as win32:malware-gen. Tested on my virtual machine.

Thanks for your time!