App Review Bitdefender Antivirus Free [v1.0.14.76] vs Project57 ransomware

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.

JM Safe

The easy way is: 1. test the file in a sandbox; 2. check your file on VirusTotal. I do that and I have never had any infection on my computer. And really, I play a lot with viruses and cracks.
Sometimes malware is FUD (on VirusTotal the detection ratio is 0). A really good method is to analyze the malware with tools like ILSpy, PEiD, IDA, etc., to check file behaviour. Obviously, if you find suspicious indicators, this doesn't mean a file is malicious but ONLY suspicious.
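
A small static triage in the spirit of the post above, added here as an example (it is not code from any poster or from the tools named in the thread). It reads a PE file's section table and reports indicators that merit a closer look; the names `triage` and `build_sample`, the 7.0 entropy threshold, and the sample bytes are assumptions made for the illustration.

```python
import math
import struct
from collections import Counter

EXEC, WRITE = 0x20000000, 0x80000000  # IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_WRITE
PACKER_NAMES = {"UPX0", "UPX1"}       # section names the UPX packer leaves behind
ENTROPY_LIMIT = 7.0                   # assumed threshold, bits per byte

def entropy(buf):
    """Shannon entropy in bits per byte: 0.0 (constant) to 8.0 (uniform)."""
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in Counter(buf).values()) if n else 0.0

def triage(data):
    """Return (section, indicator) pairs. Hits mean 'look closer', not 'malicious'."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    pe = struct.unpack_from("<I", data, 0x3C)[0]           # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    nsec = struct.unpack_from("<H", data, pe + 6)[0]       # NumberOfSections
    opt_size = struct.unpack_from("<H", data, pe + 20)[0]  # SizeOfOptionalHeader
    hits = []
    for off in range(pe + 24 + opt_size, pe + 24 + opt_size + 40 * nsec, 40):
        name = data[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        raw_size, raw_ptr = struct.unpack_from("<II", data, off + 16)
        flags = struct.unpack_from("<I", data, off + 36)[0]
        if name in PACKER_NAMES:
            hits.append((name, "packer section name"))
        if flags & EXEC and flags & WRITE:
            hits.append((name, "writable and executable"))
        if entropy(data[raw_ptr:raw_ptr + raw_size]) > ENTROPY_LIMIT:
            hits.append((name, "high entropy"))
    return hits

def build_sample(sections):
    """Constructed input: a bare PE skeleton holding (name, flags, body) sections."""
    head = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40) + b"PE\0\0"
    head += struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0, 0x102)
    ptr, table, body = len(head) + 40 * len(sections), b"", b""
    for name, flags, raw in sections:
        table += struct.pack("<8sIIIIIIHHI", name, len(raw), 0x1000, len(raw),
                             ptr + len(body), 0, 0, 0, 0, flags)
        body += raw
    return head + table + body

SAMPLE = build_sample([
    (b".text", 0x60000020, b"\x55\x8b\xec\x90" * 256),  # plain code section
    (b"UPX1", 0xE0000040, bytes(range(256)) * 16),      # packed-looking section
])
print(triage(SAMPLE))
```

Legitimate installers are often packed too, so an empty result does not clear a file and a hit does not condemn it.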
 

stefanos

Sometimes malware is FUD (on VirusTotal the detection ratio is 0). A really good method is to analyze the malware with tools like ILSpy, PEiD, IDA, etc., to check file behaviour. Obviously, if you find suspicious indicators, this doesn't mean a file is malicious but ONLY suspicious.
Every time, I use the sandbox first. The only secure way for me.
 

brod56

Agree. Download blocked = problem solved LOOOL or just use Sandboxie always and you will not get infected because even if the download isn't blocked the ransomware is in the sandbox and it cannot touch the real OS.
I'm not a huge fan of sandboxing programs on a regular basis (for a home user); the last time I tried, it caused a considerable performance hit. I may be too nitpicky though.
Of course a Virus Total check is always a good practice.
 

brod56

That's strange, guys. I think the ransomware of this test is sophisticated and it could use AV bypass techniques.
It would be interesting to analyze this sample, because it doesn't seem to generate any child processes or trigger wscript/powershell etc.
 

stefanos

I'm not a huge fan of sandboxing programs on a regular basis (for a home user); the last time I tried, it caused a considerable performance hit. I may be too nitpicky though.
Of course a Virus Total check is always a good practice.
You don't need to sandbox everything.
 

stefanos

Yeah, but it would make sense to sandbox every installer, which I'm not a fan of :unsure:


It's perfectly understandable! I wish I could speak Greek like you speak English :)
Not every installer. Surely you know if the installer is safe or not safe. And how many installs do you do every day??
 

stefanos

Then what's the purpose of sandboxing? It's a contradiction imo
Because of my bad English I can't explain it to you. You can understand if the file is suspicious for sandboxing or not. Surely you are not sandboxing the Kaspersky installer or the Comodo installer if you downloaded it from the original site.
 

stefanos

Sometimes malware is FUD (on VirusTotal the detection ratio is 0). A really good method is to analyze the malware with tools like ILSpy, PEiD, IDA, etc., to check file behaviour. Obviously, if you find suspicious indicators, this doesn't mean a file is malicious but ONLY suspicious.
I never install something if I understand it is only suspicious. I wait until I see that I'm sure it's safe.
 

brod56

Because of my bad English I can't explain it to you. You can understand if the file is suspicious for sandboxing or not. Surely you are not sandboxing the Kaspersky installer or the Comodo installer if you downloaded it from the original site.
The way I see it is: if you're only sandboxing suspicious software (cracks, keygens, etc.) then you'd be better off not running them at all. That's why I don't see much purpose in sandboxing for regular use, perhaps except for the browser.
@JM Security I see you sandbox your browser which I find interesting. Is it only to prevent possible exploits or any other reason?
 

stefanos

The way I see it is: if you're only sandboxing suspicious software (cracks, keygens, etc.) then you'd be better off not running them at all. That's why I don't see much purpose in sandboxing for regular use, perhaps except for the browser.
@JM Security I see you sandbox your browser which I find interesting. Is it only to prevent possible exploits or any other reason?
I can explain to you with my bad English what you can protect with a sandbox: 1. browsers, 2. exe, 3. MS Office. Maybe a person with good English can explain what you can do with a sandbox. And it is many things. One post from AtlBo:
8 QH Settings Main Tool Box Sandbox Settings for Microsoft Office to Autorun Sandboxed.jpg
 