Author Topic: What malware resides here? Avast detects Win32:Malware-gen!  (Read 1885 times)


Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33900
  • malware fighter
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

Re: What malware resides here? Avast detects Win32:Malware-gen!
« Reply #1 on: December 26, 2018, 12:49:45 AM »
Real interesting background read on Haruko's detection:
-https://tracker.fumik0.com/learning
Quote
Disclaimer: Examples of commands used by Attackers
For DFIR / CERT / SOC Analysts, this is a good start for signatures and learning some stuff
Disclaimer: These are real cases of commands (good or malicious).
I am not responsible for your acts
  (for educational purposes only by ethical security researchers).
As there are other tools, like: -https://manalyzer.org/report/fdc1a95188cf00160a05ea4a1d50e84c
(security researchers can revive the link  ;) from: -https://tracker.fumik0.com/links

polonus
« Last Edit: December 26, 2018, 12:55:12 AM by polonus »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37529
  • Not a avast user

Offline polonus

Re: What malware resides here? Avast detects Win32:Malware-gen!
« Reply #3 on: December 26, 2018, 05:43:21 PM »
Is this obfuscated miner detected and being blocked?
-https://authedmine.com/lib/authedmine.min.js
Given as a low-security risk for this optional miner: https://sitecheck.sucuri.net/results/https/authedmine.com/lib/authedmine.min.js
See: https://aw-snap.info/file-viewer/?protocol=secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=fHV0aHsjbVtuey5eXW1gbFtiYHx1dGh7I21bbnsubVtuLmpz~enc

polonus

Offline Pondus

« Last Edit: December 27, 2018, 11:59:26 AM by Pondus »

Offline polonus

Re: What malware resides here? Avast detects Win32:Malware-gen!
« Reply #5 on: December 27, 2018, 12:20:07 AM »
Thank you, Pondus, that is overtly clear then.

Miners, optional or not, are all frowned upon, and all are being alerted too.
Let there be no doubt about it that AV does not like mining code.

polonus