App Review Antivirus vs RedLine Stealer malware Competition

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Content created by
Shadowra
Hello and welcome to this test!

Many of you get modified .exe files from the Internet, but did you know that it is never secure?
Is it worth risking your data for a pirated program?
I have recovered 2 files through YouTube videos and tested them with 7 antivirus programs!

INFO: NEVER download software / cracks or other software from untrusted sites / P2P / DDL / YouTube! The hidden malware is RedLine Stealer, a very sneaky Trojan horse designed to steal your passwords and confidential information. It is accompanied by ClipBanker, another Trojan horse that steals your banking information (credit card, account ID / PayPal, etc.).



Avast: Detected the 2 malware samples (Win32:CrypterX-gen [Trj]). Machine healthy and protected.
Avira: Detected the 2 malware samples (TR/Crypt.OPACK.Gen).
MS Defender: Did not detect either of the malware samples! It only detects a dropper that accompanies the 1st malware (Trojan:Win32/ClipBanker!MTB), but the malware is installed in the temporary files and in Roaming. Infected machine.
ESET: Detected the 2 malware samples.
Bitdefender: Detected the 1st one at launch, but not the 2nd one. However, it makes up for its mistake when KVRT analyzes the system by disinfecting the machine. The machine was indeed infected but Bitdefender saved it. Well done!
Kaspersky: Detects the 1st file, but not the 2nd on access. At runtime, Kaspersky detects the installation and reacts behaviorally. Machine protected.
WiseVector: Detects the 2 files.

@RoboMan and @zkSnark request
 
Nice, thanks for testing, as always it is very much appreciated.

Btw, what about Norton? Could it protect against this specific sample?

I didn't put it in the video, however I was able to do the test on my own.
The 2 files are not detected by the analysis. At launch, Norton deletes the first one (the fake FL Studio) with SONAR since it drops ClipBanker. (ClipBanker is detected by Norton in the Cloud.)
The 2nd one is not recognized and Norton bombards with an alert "System Infected: RedLine Stealer". I did not see any connection...
NPE on the other hand disinfects the machine followed by KVRT.
 
Thank you for testing. So Avast, Avira, ESET and WiseVector performed better than Bitdefender and Kaspersky? Will there be a difference in the result if premium versions of these AVs are used?
 
No difference.
Everyone succeeded except Microsoft Defender (even if Kaspersky and Bitdefender reacted behaviorally, the system was not infected)
 
I have been using Kaspersky. So if I install ESET too on my PC, will they conflict, or can they get along without any problems?
 
You can visit the Kaspersky forum section; in the sticky threads you can find one that explains how to enhance K. prevention via protection folders and/or a Default Deny approach :)
 
Never install two antiviruses; you will get conflicts even if everything seems to be running well. There are some nice tutorials in this forum and on other sites about layered protection and the correct way to do it, if you are interested in this kind of approach.
 
Wise Vector saw both--I'm impressed. (y)
Better than some of the Big Guns there.
It has been my AV of choice since version 1.x.
I install WV on every device I touch :LOL: Much better than some paid AVs with big claims.
Sadly, it's also the reason why I visit MT much less frequently.