Topic: Does avast detect Hawkeye generic malware in PUP-mode?


polonus
« on: April 08, 2020, 05:02:45 PM »
21 engines now detect this: https://www.virustotal.com/gui/file/843edc7bc28351c5404d3e03b1a989a26b07b0644874a063952460a6f7ae6a42/detection
See: https://urlhaus.abuse.ch/url/336708/
Site has been blacklisted: https://sitecheck.sucuri.net/results/robotrade.com.vn
See: https://www.shodan.io/host/103.74.123.3/raw
Google Safe Browse checks have been performed on each of the linked sites.
Links with poor reputation could be a threat to users of the site.
Hosting and location are also included in the results.

Externally Linked Host   Hosting Provider   Country   
    -derchris.net   Cloudflare.   United-States    
    -www.cloudflare.com   Cloudflare.   United-States

Hosting: https://www.shodan.io/host/103.74.123.3  503  insecure!
Service Unavailable 503 error
The server is temporarily busy, try again later!

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

DavidR
« Reply #1 on: April 08, 2020, 09:44:34 PM »
Hard to say, given no detection by Avast or AVG in the VT Results.  But they only use the on-demand scanner, so other on-access scanners might.

I wonder if there is some way to send the MD5/SHA-, etc. to avast and see if they can pull it from VT or see if they have a match on the MD5/SHA-, etc.

In due course all non-detected samples should be sent to those AVs not detecting malware.

bob3160
« Reply #2 on: April 08, 2020, 10:26:42 PM »
A good place to ask Damien is on Slack.

polonus
« Reply #3 on: April 09, 2020, 12:58:53 AM »
Good advice, bob3160; well, I also sent it down via the Suspicious Site Reporter extension.
I guess that the avast team follows URLHaus reports and GreyNoise reports as well.
They told me so.

Then av is like Reader's Digest, they have to make a selection of what to flag  ;D

Apart from that everyone has his own responsibility as well,
and it is a great thing you and DavidR share that responsibility.
We are always out in the trenches, in whatever position,
that we contribute in the fight against malware and malcreants.

Best regards and keep healthy during these days of the corona-virus pandemic,  :)

Damian a.k.a. polonus