Avast cannot detect KeyBTC ransomware

[REDACTED]

Hi,

One of my users got his PC infected with a ransomware that encrypted his files and ask for 0.5BTC (keybtc@inbox.com)

I am currently scanning with "Malwarebytes" but I am wondering : why Avast did not find it
Resident shield protection is active and a virus scan found nothing

Best regards,

[Pondus]

I am currently scanning with "Malwarebytes" but I am wondering : why Avast did not find it

NO security program have 100% detection or zero false positives

the malware world is not static, bad guys constantly update, modify, create new versions to avoid detection

This what AV vendors try to block/detect evry day  https://www.av-test.org/en/statistics/malware/

One of my users got his PC infected with a ransomware that encrypted his files and ask for 0.5BTC (keybtc@inbox.com)

We can assist in removing it here if you want, but the files are gone ... unless you pay

[REDACTED]

I am puzzled right now, Malwarebytes, Spyhunter cannot them it as well ...

Is it possible the script erases itself after encrypting the files ?

Thanks

[Pondus]

Is it possible the script erases itself after encrypting the files ?

That is possible, there are malware that does that, or it is a very new version that few detect

do you want help removing it?

[REDACTED]

I found the originating script file ... can I send it to avast for inspection ?

[Pondus]

I found the originating script file ... can I send it to avast for inspection ?

yes, try here   https://support.avast.com/support/tickets/new?form=3

you may also upload the file to  www.virustotal.com  and test it, if scanned before, click rescan for a fresh result
Post link to scan result here

[REDACTED]

https://www.virustotal.com/en/file/d714efe9b8f0f143d43d31dd578ae034e7fcfeafd5347ca34b19f1a21271122a/analysis/1453392516/

[Pondus]

seems to be very new  First submission 2016-01-21 16:08:36 UTC ( 2 minutes ago )

and it is a java script, so Malwarebytes will never detect it as it dont target script files