Huorong Internet Security Stable (heavily tweaked) - March 2021 report

Der.Reisende

Level 45
Thread author
Honorary Member
Top Poster
Content Creator
Malware Hunter
Dec 27, 2014
3,423
March 2021​
Samples Pack​
Static Detection​
Dynamic Detection​
Total Detection​
System files encrypted​
2nd_opinion scanners result
(NPE + HMP)
inactive remnants will also lead to "infected"​
System final status
br = before reboot
ar = after reboot
within SD environment
reboot = logout​
01/03/2021​
2​
0​
2​
2​
no
clean
clean
02/03/2021​
2​
0​
2​
2​
no
infected
not clean
04/03/2021​
2​
0​
2​
2​
no
clean
clean
05/03/2021​
11​
4​
6​
10​
no
infected
infected (br) / not clean (ar)
06/03/2021​
2​
0​
1​
1​
no
clean
protected
08/03/2021​
3​
3​
0​
3​
no / yes, some (bonus dynamic test with RTP off)
infected
infected
09/03/2021​
3​
0​
3​
3​
no
clean
infected (br) / protected (ar)
10/03/2021​
1​
0​
1​
1​
no
clean
infected (br) / protected (ar)
11/03/2021​
2​
1​
1​
2​
no / yes, some (bonus dynamic test with RTP off)
clean
infected (br) / protected (ar)
12/03/2021​
10​
4​
6​
10​
no
infected
infected (br) / not clean (ar)
13/03/2021​
3​
1​
1​
2​
yes, some (8) / Bonus dynamic test with RTP off: 26
infected
infected
14/03/2021​
1​
1​
0​
1​
no / Bonus dynamic test with RTP off: yes, some
clean / infected (bonus dynamic test with RTP off)
clean / infected (bonus dynamic test with RTP off)
14/03/2021​
1​
1​
0​
1​
no / Bonus dynamic test with RTP off: yes, 15
clean
clean / infected (bonus dynamic test with RTP off)
16/03/2021​
2​
0​
1​
1​
no
clean
protected
17/03/2021​
3​
0​
2​
2​
no
clean
infected (br) / not clean (ar)
18/03/2021​
6​
3​
3​
6​
no
clean
not clean
19/03/2021​
5​
3​
0​
3​
yes
infected
infected
20/03/2021​
5​
1​
2​
3​
rather wiped
(explicit user input needed!)
infected
infected
23/03/2021​
3​
0​
3​
3​
no
clean
infected (br) / not clean (ar)
25/03/2021​
5​
3​
2​
5​
no
clean
protected
26/03/2021​
1​
1​
1​
1​
no
clean
clean
27/03/2021​
0​
1​
1​
1​
no
infected
infected (br) / not clean (ar)
29/03/2021​
15​
8​
5​
13​
no
clean
infected (br) / not clean (ar)
29/03/2021​
1​
0​
1​
1​
no
clean
clean
30/03/2021​
3​
1​
1​
2​
no
clean
infected (br) / not clean (ar)
31/03/2021​
13​
6​
6​
12​
no
clean
infected (br) / not clean (ar)
Action on threat detection: clean (instead of ask)
Behavior Based Detection: Enable Ransomware Trapping
HIPS: File / Registry / Sensitive action: all possible rules enabled (default action is still "ask")
HIPS: Enable Network Access Control (kinda outbound Firewall, colour indicator green and orange - safe or not)
HIPS: Webcam Protection: uncheck "Permit programs with a valid digital signature" and "Permit system core programs"
Installation Detection: Automatically block recognized installations of unlisted softwares
Firewall: Lateral Movement Protection - Remote MMC and Remote WMI also on
Network Access Control on (=two-way Firewall)
Advanced: Enable custom rules
Imported custom rules shared by user JerryLin - v4.24_1 - Update - Huorong Internet Security (Stable)
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top