Comodo Valkyrie Uploader 1.0

Status
Not open for further replies.
S

savit

Level 1
Thread author
Apr 9, 2011
120
What is Valkyrie Uploader?

Comodo Valkyrie - http://valkyrie.comodo.com/Default.aspx

To upload a file to Valkyrie, you can visit the main analysis site, click the Browse button to select a file from your hard drive, and then click the Upload File button. You can make this process even easier with the free Valkyrie Uploader utility. After installing it, you can simply right-click maximum 20 files at one time with the size of each file under 20MB and choose "Valkyrie" from the Windows menu. The verdict results will display in your browser as usual.

The first version of the Valkyrie Uploader utility is described in the How do I start? section.

http://valkyrie.comodo.com/Uploader.aspx

Send file(s) to Valkyrie

With Valkyrie Uploader, this task could be easier, just right-click on the file(s) you wish to upload and select the Valkyrie option from the windows menu:

op1.jpg


Scan running processes

Some malware samples keep running in the system as ordinary processes, it is what the antivirus industry calls active malware. Valkyrie Uploader includes a feature to help users in identifying active malware. When you click the upload active process button, Valkyrie Uploader will try to find and read the process' image file and send it to Valkyrie.

op4.jpg
 
Jack

Jack

Administrator
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
Comodo FVS is a cloud based file analysis system that tests user-submitted files with a range of static and dynamic detectors - including heuristics, file look-up and real-time behavior analysis. By using FVS, our users quickly gain a verdict on the safety of an unknown file and can help accelerate the identification of zero-day malware.
Click to expand...


Ok...So I've download a malware sample from MDL (MD5 : b17aaf7eca58d693840bda0e009de5ab) -

VT Results
Comodo FVS Results
And the problem that I see is that for the Static Detection the verdict is : SAFE .. :lolz: http://valkyrie.comodo.com/Result.aspx?sha1=11EB5B89CDF968503B457FA3A81F02F0B431A49B&&query=0&&filename=BestAntivirus2011.exe

In fact the overall result is SAFE :p
Auto Result:Safe
Final Result:Safe
[attachment=167]
 

Attachments

  • save.png
    save.png
    52 KB · Views: 820
Valentin N

Valentin N

Level 2
Feb 25, 2011
1,314
I suggest people test in VMware or any alike; after it's installed the computer begins to act at it own will and hell knows where that can end.
 
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Well only in dynamic detection flagged as suspicious++. But as the overall it marked as safe.
 
Jack

Jack

Administrator
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
Ok...so this is a quick test.. I've downloaded and submitted 10 Zero Day malware samples to Virus Total and Comodo File Verification Service, bellow are the results :

[attachment=168]

  1. 0723.exe
    Virustoal - Result: 33/ 41 (80.5%)
    Comodo FVS - Final Result:Malware:TrojWare.Win32.TrojanDownloader.Delf.gen
  2. btnet.exe
    Virustotal - Result: 30 /41 (73.2%)
    Comodo FVS - Final Result: Suspicious+
  3. nn342_ntodaykorea.exe
    Virustotal - Result: 20 /40 (50.0%)
    Comodo FVS - Final Result:Malware:UnclassifiedMalware
  4. play.exe
    Virustotal - Result: 23 /41 (56.1%)
    Comodo FVS - Final Result:Malware
  5. PODAROK.exe
    Virustotal - Result: 21 /41 (51.2%)
    Comodo FVS - Final Result:Suspicious+
  6. pusk2.exe
    Virustotal - Result: 3/ 42 (7.1%)
    Comodo FVS - Final Result:Safe
  7. Real_Santander.exe
    Virustotal - Result: 13/ 41 (31.7%)
    Comodo FVS - Final Result:Malware
  8. smss.exe
    Virustotal - Result: 9 /42 (21.4%)
    Comodo FVS - Final Result:Malware:Application.Win32.ClientIRC.mIRC.~AB

  9. st_7.exe
    Virustotal - Result: 30/ 42 (71.4%)
    Comodo FVS - Final Result:Safe

  10. WizSearch.exe
    Virustotal - Result: 3/ 41 (7.3%)
    Comodo FVS - Final Result:Safe
 

Attachments

  • malwaresamples.png
    malwaresamples.png
    131.8 KB · Views: 601
Valentin N

Valentin N

Level 2
Feb 25, 2011
1,314
the only thing that I find sad is that it will only be available online which means that people that have slow internet or dial-up will not benefit from it.

I also asked if it could be integrated and the answer was no; not even a high-end cpu will be able to do those calculations.

Valkyrie's main function is to reduce the generic signature

Regards,
Valentin N
 
Ink

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
14vl72v.png


Do Comodo have any plan on presenting this program better? :huh:

Looks like something one would download from a warez site.


This reply judges the GUI and not the product's service.
 
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Hmm..... I didn't expect that the GUI will be like that, probably in future versions may improved the interface.
 
Jack

Jack

Administrator
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
Yeah...the GUI is not very modern..in fact I can ,most likely, draw a better one in Paint:p (kidding)
The major problem that I see are the "Safe" ratings given to malicous programs......I do hope it;s just because they are still working on this project....

For instance :

st_7.exe
Virustotal - Result: 30/ 42 (71.4%)
Comodo FVS - Final Result:Safe

st_7.exe is detected as malware by the Static Detector (AI_Detector_2 - Malware) but the Final Result is "Safe" .... I can only say - :lolz:

Aslo in my first example COMODO FVS said the file was safe even if the Dynamic Detection said it was : Suspicious++ ...why not rate this submission as : "Suspicious"

As an advice for COMODO they should add a banner to their site which says : BETA .. because their are some improvements that can be made to their ratings ..........
COMODO should release to the general public products that are tested and proffesional , and by doing so they can increase their reputation. :D


EDIT : I did forgot to say that the installer isn't signed yet ... also I don't like the icon
 
bogdan

bogdan

Level 1
Jan 7, 2011
1,362
Conclusion: We still need signature based detection :D. So far, only a human is capable of distinguishing a rogue from a legit program.
 
Status
Not open for further replies.

Similar threads

ErzCrz
    • Like
New Update Comodo Internet Security 2024 v12.3.2.8124 BETA (Feb 2024)
Replies
16
Views
1,802
Comodo
Nikola Milanovic
Nikola Milanovic
Victor M
    • Like
Free VPN servers configuration for Ubuntu 22.04 (steps for Gnome UI)
Replies
1
Views
187
ChromeOS & Linux
Bot
Bot
CyberTech
    • Like
    • HaHa
    • +Reputation
Serious Discussion Some Outlook.com users can't send emails with attachments
Replies
4
Views
461
Office, email and business apps
ForgottenSeer 100397
F

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top