« previous next »
Pages: [1]   Go Down

Author Topic: malware not detected  (Read 1295 times)

0 Members and 1 Guest are viewing this topic.

Offline Hobbitmann

  • Newbie
  • *
  • Posts: 19
malware not detected
« on: September 23, 2023, 01:17:42 AM »
Logged

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89224
  • No support PMs thanks
Re: malware not detected
« Reply #1 on: September 23, 2023, 01:50:19 AM »
Avast should get undetected samples from Virus Total.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.4.6112 (build 24.4.9067.762) UI 1.0.803/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33926
  • malware fighter
Re: malware not detected
« Reply #2 on: September 23, 2023, 04:59:13 PM »
L.S.

Delving into this a little bit deeper, we will find that
malware is always being launched from somewhere on the Interwebz.
So it comes in from a particular IP address.

Here one of that launching IP addresses is flagged as fraudulent (given by that particular VT analysis *:
https://www.ipqualityscore.com/free-ip-lookup-proxy-vpn-test/lookup/131.107.255.255
and as being confirmed here: https://www.virustotal.com/gui/url/8ac1e3b7689888afe41c46c03625268495c31263a5df2b23ab9c9a003bc5c553 *
(mentioned as a lokibot campaign address). Also: https://www.ipqualityscore.com/free-ip-lookup-proxy-vpn-test/lookup/20.99.184.37
and https://www.abuseipdb.com/check/20.99.184.37 (with malicious back-end servers involved).
See also: https://www.reddit.com/r/cybersecurity/comments/ywmon4/possible_hidden_malware_in_vm_detection_github/?rdt=60517

So there are more ways for avast to be aware of such samples and sources, but not all instances can come included in their definitions.
That is no excuse, but a practicality all and every AV solution have to keep up with.

That is why I like to include the safetoopen extension in the browser.

polonus
« Last Edit: September 23, 2023, 05:19:11 PM by polonus »
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Hobbitmann

  • Newbie
  • *
  • Posts: 19
Re: malware not detected
« Reply #3 on: October 07, 2023, 12:22:55 AM »
Any solution so that the antivirus can detect these dangerous samples?
Greetings.
Logged

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89224
  • No support PMs thanks
Re: malware not detected
« Reply #4 on: October 07, 2023, 02:01:15 AM »
Quote from: Hobbitmann on October 07, 2023, 12:22:55 AM
Any solution so that the antivirus can detect these dangerous samples?
Greetings.

You did notice that Avast doesn't appear on the list of AVs on VT.
Essentially it doesn't do the on-demand scan that is being done on VT, so it won't appear on the list of AVs, not just AVs that don't detect it.

I don't know if it would detect in a live environment, with the Web Shield, File System Shield, Behaviour Shield, etc. - You can send samples direct to Avast:
Reporting a possible Malicious sample File or Website - https://www.avast.com/report-malicious-file.php.
From the link select File, Click Browse, that will open Explorer, select the file from the location you have it and Submit.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.4.6112 (build 24.4.9067.762) UI 1.0.803/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security
Pages: [1]   Go Up
« previous next »