App Review GoldenEye Ransomware Demonstration


MalwareBlockerYT

Hi all,

GoldenEye Ransomware, James Bond is coming to town! Get it? This is a brand new variant of Petya Ransomware which is James Bond themed & well has a golden colour scheme. For more information on this Ransomware: Petya Ransomware Returns with GoldenEye Version, Continuing James Bond Theme



Thanks for watching & hopefully you've enjoyed :)

Upcoming videos:

Christmas Special coming soon: Rootkit, Keyloggers & more!
Malware Removal Guide
Adware Removal Guide

Please let me know which video I should upload next (On Sunday):

VoodooShield Review, Malware Removal Guide or Adware Removal Guide?


Thanks & Merry Christmas - two weeks early :)
 
I'm sorry, but I don't agree with you. 41/57 is actually a high detection ratio. Quite surprising that Invincea and CrowdStrike Falcon still don't detect it, since they are endpoint products.
But 41/57 still means that 16 of those are not detecting this file. It is quite high, but if all the other AVs can pick up the file then it should be much, much higher. For ransomware I believe that the detection ratio should be at least 48/57, if not higher.

But fair enough 41 is quite high I guess...
 
Very nice review, I cannot decide what has the higher awesomeness factor - Petya with its flashing skull or speaking Cerber? ;) Although the woman's voice isn't that natural / nice ;)
Of course, nobody deserves meeting any of those, I only enjoy reviews on them, like this one, well done @MalwareBlockerYT and thank you for sharing :)
 
Very nice review, I cannot decide what has the higher awesomeness factor - Petya with its flashing skull or speaking Cerber? ;) Although the woman's voice isn't that natural / nice ;)
Of course, nobody deserves meeting any of those, I only enjoy reviews on them, like this one, well done @MalwareBlockerYT and thank you for sharing :)
My favourite ransomware is Jigsaw but Cerber, VindowsLocker, Petya, Shade, etc are all very interesting files. Thanks for watching & glad you enjoyed it :D
 
Good review.
If we see Microsoft and Comodo detect the file in VirusTotal, it means it's definitely malware :D. All the well-known vendors detected it.
As we can see, those who couldn't detect it are the unpopular ones.
 
41/57 = 85.96%, actually that is not a bad result since most common AVs managed to flag it.

Although some security companies are not so good in terms of response time, considering a possible lack of information gathering.
 
But 41/57 still means that 16 of those are not detecting this file. It is quite high, but if all the other AVs can pick up the file then it should be much, much higher. For ransomware I believe that the detection ratio should be at least 48/57, if not higher.

But fair enough 41 is quite high I guess...
It is sufficient that the sample is obfuscated, for example by including functions such as LoadLibrary and GetProcAddress, and the AV recognition will be low enough.
Considering that this code probably includes obfuscation techniques, I think that this VT report is a good code inspection job by the AVs.