Questions

[Pondus]

Another question ,  do avast automated system identify the malware type for those sample that don't require human to check ? (such as trojan or ransomeware and what if it is a trojan and ransome at same time ?)
And do avast automated system auto unzip the zip file ?

All malware samples are analyzed by auto systems because of the enormus amount of files they recive

Ransomware is a trojan

[Pondus]

Isn't this a bit of a joke, doesn't GData use two other companies virus engine/database ?

Joke ? What do you mean?

[hozewm]

Another question ,  do avast automated system identify the malware type for those sample that don't require human to check ? (such as trojan or ransomeware and what if it is a trojan and ransome at same time ?)
And do avast automated system auto unzip the zip file ?

All malware samples are analyzed by auto systems because of the enormus amount of files they recive

Ransomware is a trojan

ok thanks , but if the auto system missed a sample and it was not send the avast team , then how to let them review it ?

[hozewm]

-> https://support.avast.com/en-ww/article/150/

the reason i say they should add the option is because do a sample need to send to avast when the sandbox can't indefinite is a sample malicious or clean , however because the analysis time is too short , the sandbox will be easily bypass by malware.

[Pondus]

Another question ,  do avast automated system identify the malware type for those sample that don't require human to check ? (such as trojan or ransomeware and what if it is a trojan and ransome at same time ?)
And do avast automated system auto unzip the zip file ?

All malware samples are analyzed by auto systems because of the enormus amount of files they recive

Ransomware is a trojan

ok thanks , but if the auto system missed a sample and it was not send the avast team , then how to let them review it ?

All samples uploaded to virustotal are shared among all VT members

[hozewm]

Another question ,  do avast automated system identify the malware type for those sample that don't require human to check ? (such as trojan or ransomeware and what if it is a trojan and ransome at same time ?)
And do avast automated system auto unzip the zip file ?

All malware samples are analyzed by auto systems because of the enormus amount of files they recive

Ransomware is a trojan

ok thanks , but if the auto system missed a sample and it was not send the avast team , then how to let them review it ?

All samples uploaded to virustotal are shared among all VT members

but will they even analysis it ? or they just put all the things in sandbox ?

[hozewm]

Another question ,  do avast automated system identify the malware type for those sample that don't require human to check ? (such as trojan or ransomeware and what if it is a trojan and ransome at same time ?)
And do avast automated system auto unzip the zip file ?

All malware samples are analyzed by auto systems because of the enormus amount of files they recive

Ransomware is a trojan

ok thanks , but if the auto system missed a sample and it was not send the avast team , then how to let them review it ?

All samples uploaded to virustotal are shared among all VT members

but will they even analysis it ? or they just put all the things in sandbox ?

and also some malware will need to do some action to active it.

[Asyn]

...however because the analysis time is too short , the sandbox will be easily bypass by malware.

-> https://www.avast.com/bug-bounty

[hozewm]

...however because the analysis time is too short , the sandbox will be easily bypass by malware.

-> https://www.avast.com/bug-bounty

is this even a bug ? i think it is just bad designed.

[Asyn]

...however because the analysis time is too short , the sandbox will be easily bypass by malware.

-> https://www.avast.com/bug-bounty

is this even a bug ? i think it is just bad designed.

Depends if you can prove what you said.

[DavidR]

Isn't this a bit of a joke, doesn't GData use two other companies virus engine/database ?

Joke ? What do you mean?

Sorry it is irony

As in they are hardly in control over their own virus naming conventions if they are using the services of two other AVs (at least the did, I don't know if that is still correct).  A long time ago Avast was one of these AVs.

[Pondus]

Another question ,  do avast automated system identify the malware type for those sample that don't require human to check ? (such as trojan or ransomeware and what if it is a trojan and ransome at same time ?)
And do avast automated system auto unzip the zip file ?

All malware samples are analyzed by auto systems because of the enormus amount of files they recive

Ransomware is a trojan

ok thanks , but if the auto system missed a sample and it was not send the avast team , then how to let them review it ?

All samples uploaded to virustotal are shared among all VT members

but will they even analysis it ? or they just put all the things in sandbox ?

only if the file need special attention

you can also send files direct to avast lab 
https://forum.avast.com/index.php?topic=14433.msg1289438#msg1289438

[Pondus]

Isn't this a bit of a joke, doesn't GData use two other companies virus engine/database ?

Joke ? What do you mean?

Sorry it is irony

As in they are hardly in control over their own virus naming conventions if they are using the services of two other AVs (at least the did, I don't know if that is still correct).  A long time ago Avast was one of these AVs.

If they use another vendors AV engine then the owner of that engine is the one that create signature and name


Eksample here
https://www.virustotal.com/gui/file/922bc561fe72498410d5c835715b6f7ca622d8ec96fb018ded9ec346724645ab

all those with name Trojan.GenericKD.47609888  is using Bitdefender engine
Emsisoft has a (B) after the name, meaning they use more then one engine and it was engine B that detected it

[DavidR]

Isn't this a bit of a joke, doesn't GData use two other companies virus engine/database ?

Joke ? What do you mean?

Sorry it is irony

As in they are hardly in control over their own virus naming conventions if they are using the services of two other AVs (at least the did, I don't know if that is still correct).  A long time ago Avast was one of these AVs.

If they use another vendors AV engine then the owner of that engine is the one that create signature and name
<snip>

Which is exactly the irony I'm talking about, the difficulty of multiple (not just two) AV companies with different methods of detection and naming conventions to have common/the same malware names.

What is the likelihood of Engine A and B having the same malware name (if the both detected it) and that's just two AV signature databases.

[Pondus]

Isn't this a bit of a joke, doesn't GData use two other companies virus engine/database ?

Joke ? What do you mean?

Sorry it is irony

As in they are hardly in control over their own virus naming conventions if they are using the services of two other AVs (at least the did, I don't know if that is still correct).  A long time ago Avast was one of these AVs.

If they use another vendors AV engine then the owner of that engine is the one that create signature and name
<snip>

Which is exactly the irony I'm talking about, the difficulty of multiple (not just two) AV companies with different methods of detection and naming conventions to have common/the same malware names.

What is the likelihood of Engine A and B having the same malware name (if the both detected it) and that's just two AV signature databases.

those AV that use multi engines (usually two) only show detection from one, have never seen anyone display more then one detection