mekelek

Level 28
pretty impressive, VT is full clean, but the sample is malicious according to any.run
Crystal blocked it due to it's Dynamic engine


i just can't figure out how to halt the process till decision is made...

ps: sorry for the spam, i'm just reporting interesting things while toying with it.

also got it to bug out with the sample submitting, had to restart it a few times, it stopped analyzing files or uploading them cause one file got stuck in queue and even removing it didn't help.

Stealth mode makes it a whitelist based anti-exe too :D

ps: It's an FP. dang it
 
Last edited:

mekelek

Level 28
I wanted to like this but I just can't.
the cloud uploading is buggy, it uploads files that shouldn't be uploaded, like password protected zips and then it never receives a VT result, the entry gets stuck in the UI
you can't stop an upload, you can remove it from a tab, but the tab still has it listed. for example removing it from unrecognized, overview will still have it

stuff like this is also pretty annoying, i guess its done like this to save performance and not having to wait for VT, but for example Voodooshield doesn't have this problem and gets VT results almost always instantly


still, if someone doesn't want to use this as the primary defense layer, it's the lightest and in considering that, the best VT/sig scanner I have tried yet. if you don't mind the shortcomings.
 

Behold Eck

Level 10
Verified
Good review mekelek. Some interesting points mentioned especially the silent mode pure whitelist anti-exe setting.

Hopefully Kardo can address them when he gets back from what ever he`s doing at the moment.(partying maybe:D ?)

Regards Eck:)
 

Similar Threads

Similar Threads